Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7590aad9 by Salvatore Bonaccorso at 2023-10-05T22:30:53+02:00
Track proposed update for galera-4 including CVE fix via bullseye-pu
- - - - -
2 changed files:
- data/CVE/list
- data/next-oldstable-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1716,6 +1716,7 @@ CVE-2023-5189 [insecure galaxy-importer tarfile
extraction]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2234387
CVE-2023-5157 (A vulnerability was found in MariaDB. An OpenVAS port scan on
ports 33 ...)
- galera-4 26.4.13-1
+ [bullseye] - galera-4 <no-dsa> (Minor issue; can be fixed via point
release)
- galera-3 <unfixed> (bug #1053476)
NOTE: https://jira.mariadb.org/browse/MDEV-25068
CVE-2023-5115 [malicious role archive can cause ansible-galaxy to overwrite
arbitrary files]
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -268,3 +268,5 @@ CVE-2023-32611
[bullseye] - glib2.0 2.66.8-1+deb11u1
CVE-2023-29499
[bullseye] - glib2.0 2.66.8-1+deb11u1
+CVE-2023-5157
+ [bullseye] - galera-4 26.4.14-0+deb11u1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7590aad9bfa1a6d58a8d58e570dc11f3e1b407da
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7590aad9bfa1a6d58a8d58e570dc11f3e1b407da
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
