Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5e7c4ebe by Tobias Frost at 2023-11-18T22:38:14+01:00 Reserve DLA-3655-1 for lwip - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -233674,7 +233674,6 @@ CVE-2020-22284 (A buffer overflow vulnerability in the zepif_linkoutput() functi CVE-2020-22283 (A buffer overflow vulnerability in the icmp6_send_response_with_addrs_ ...) - lwip 2.1.3+dfsg1-1 (bug #991645) [bullseye] - lwip 2.1.2+dfsg1-8+deb11u1 - [buster] - lwip <no-dsa> (Minor issue) NOTE: https://savannah.nongnu.org/bugs/index.php?58553 NOTE: Pre-requisite: http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=d843e47a1d65451bd7f7aaa5017b408bd108be88 (master) NOTE: Fixed by: https://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=489405839ae0fea8b99c4896f632eb688dc8a19a (master) ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[18 Nov 2023] DLA-3655-1 lwip - security update + {CVE-2020-22283} + [buster] - lwip 2.0.3-3+deb10u2 [17 Nov 2023] DLA-3654-1 freerdp2 - security update {CVE-2021-41160 CVE-2022-24883 CVE-2022-39282 CVE-2022-39283 CVE-2022-39316 CVE-2022-39318 CVE-2022-39319 CVE-2022-39347 CVE-2022-41877} [buster] - freerdp2 2.3.0+dfsg1-2+deb10u4 ===================================== data/dla-needed.txt ===================================== @@ -125,10 +125,6 @@ linux (Ben Hutchings) linux-5.10 NOTE: 20231005: perma-added for LTS package-specific delegation (bwh) -- -lwip (tobi) - NOTE: 20231101: Added by Front-Desk (lamby) - NOTE: 20231101: Sync with bullseye (CVE-2020-22283 & CVE-2020-22284). (lamby) --- mediawiki (guilhem) NOTE: 20231011: Added by Front-Desk (ta) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e7c4ebee2fc91d6ba8f647454321230491e2474 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e7c4ebee2fc91d6ba8f647454321230491e2474 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits