Anton Gladky pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e1df97c1 by Anton Gladky at 2023-03-21T06:35:41+01:00
Mark 3 gpac CVEs as EOL for buster
- - - - -
e8a8f822 by Anton Gladky at 2023-03-21T06:36:40+01:00
LTS: add curl to dla-needed.txt
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -502,6 +502,7 @@ CVE-2023-1453 (A vulnerability was found in Watchdog
Anti-Virus 1.4.214.0. It ha
NOT-FOR-US: Watchdog Anti-Virus
CVE-2023-1452 (A vulnerability was found in GPAC
2.3-DEV-rev35-gbbca86917-master. It ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2386
NOTE:
https://github.com/gpac/gpac/commit/a5efec8187de02d1f0a412140b0bf030a6747d3f
CVE-2023-1451 (A vulnerability was found in MP4v2 2.1.2. It has been
classified as pr ...)
@@ -510,10 +511,12 @@ CVE-2023-1450 (A vulnerability was found in MP4v2 2.1.2
and classified as proble
NOT-FOR-US: MP4v2
CVE-2023-1449 (A vulnerability has been found in GPAC
2.3-DEV-rev35-gbbca86917-master ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2387
NOTE:
https://github.com/gpac/gpac/commit/8ebbfd61c73d61a2913721a492e5a81fb8d9f9a9
CVE-2023-1448 (A vulnerability, which was classified as problematic, was found
in GPA ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2388
NOTE:
https://github.com/gpac/gpac/commit/8db20cb634a546c536c31caac94e1f74b778b463
CVE-2023-1447 (A vulnerability, which was classified as problematic, has been
found i ...)
=====================================
data/dla-needed.txt
=====================================
@@ -38,6 +38,12 @@ consul (Abhijith PA)
NOTE: 20221031: Concluded that the package should be fixed by the CVE
description. Source code not analyzed in detail.
NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/consul.git
--
+curl
+ NOTE: 20230321: Programming language: C.
+ NOTE: 20230321: VCS: https://salsa.debian.org/lts-team/packages/curl.git
+ NOTE: 20230321: Testsuite:
https://lts-team.pages.debian.net/wiki/TestSuites/curl.html
+ NOTE: 20230321: Special attention: High popcon! Roberto has some experience
with the package..
+--
docker.io (gladk)
NOTE: 20230303: Programming language: Go.
NOTE: 20230303: Follow fixes from bullseye 11.2 (Beuc/front-desk)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5a4f2c3e631fe6577ae35f57f400d907c83f9ee...e8a8f822978be6c1491f202a03e7122b827bb87e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f5a4f2c3e631fe6577ae35f57f400d907c83f9ee...e8a8f822978be6c1491f202a03e7122b827bb87e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
