[Git][security-tracker-team/security-tracker][master] Reserve DLA-3502-1 for python-git

Tue, 25 Jul 2023 03:09:07 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6d370503 by Sylvain Beucler at 2023-07-25T12:08:36+02:00
Reserve DLA-3502-1 for python-git

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -104259,7 +104259,6 @@ CVE-2022-24440 (The package cocoapods-downloader 
before 1.6.0, from 1.6.2 and be
 CVE-2022-24439 (All versions of package gitpython are vulnerable to Remote 
Code Execut ...)
        - python-git 3.1.30-1 (bug #1027163)
        [bullseye] - python-git <no-dsa> (Minor issue)
-       [buster] - python-git <no-dsa> (Minor issue)
        NOTE: https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858
        NOTE: 
https://github.com/gitpython-developers/GitPython/commit/787359d80d80225095567340aa5e7ec01847fa9a
 (3.1.30)
        NOTE: 
https://github.com/gitpython-developers/GitPython/commit/678a8fe08dd466fcfe8676294b52887955138960
 (3.1.30)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Jul 2023] DLA-3502-1 python-git - security update
+       {CVE-2022-24439}
+       [buster] - python-git 2.1.11-1+deb10u1
 [25 Jul 2023] DLA-3501-1 renderdoc - security update
        {CVE-2023-33863 CVE-2023-33864 CVE-2023-33865}
        [buster] - renderdoc 1.2+dfsg-2+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -124,9 +124,6 @@ pandoc (guilhem)
   NOTE: 20230721: Discovered the upstream fix for CVE-2023-35936 was 
incomplete,
   NOTE: 20230721: got in touch with them and requested a new CVE. (guilhem)
 --
-python-git (Sylvain Beucler)
-  NOTE: 20230724: Added by Front-Desk (apo)
---
 python-glance-store
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, 
python-os-brick, nova and cinder.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d370503f40d83a7778cc08aab79ff9a73a856ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d370503f40d83a7778cc08aab79ff9a73a856ec
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to