[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2023-42118 as postponed for Buster

Sun, 19 Nov 2023 03:27:25 -0800 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bbdc482f by Thorsten Alteholz at 2023-11-19T12:25:47+01:00
mark CVE-2023-42118 as postponed for Buster

- - - - -
5e55e16e by Thorsten Alteholz at 2023-11-19T12:26:57+01:00
mark CVE for libspf2 as postponed and remove entry from dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -8906,6 +8906,7 @@ CVE-2023-42118 [Exim libspf2 Integer Underflow Remote 
Code Execution Vulnerabili
        - libspf2 <unfixed> (bug #1053870)
        [bookworm] - libspf2 <postponed> (Revisit once upstream and ZDI status 
is clarfied)
        [bullseye] - libspf2 <postponed> (Revisit once upstream and ZDI status 
is clarfied)
+       [buster] - libspf2 <postponed> (Revisit once upstream and ZDI status is 
clarfied)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1472/
        NOTE: https://bugs.exim.org/show_bug.cgi?id=3032
        NOTE: https://www.openwall.com/lists/oss-security/2023/09/29/5


=====================================
data/dla-needed.txt
=====================================
@@ -110,10 +110,6 @@ libreswan
   NOTE: 20230909: all due to code refactoring. I intend to package the version
   NOTE: 20230909: from Bullseye instead as soon as the maintainer uploads the 
fix. (apo)
 --
-libspf2 (Thorsten Alteholz)
-  NOTE: 20231016: Added by Front-Desk (ta)
-  NOTE: 20231105: upstream does not know yet, whether available patch is 
enough (ta)
---
 libstb (Adrian Bunk)
   NOTE: 20231029: Added by Front-Desk (gladk)
   NOTE: 20231029: A lot of open CVEs. Maybe duplicates.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/937b8b8eb6080ec483c17a1f397419ea0ea8bc65...5e55e16e5064fa8a8d6d1253fcf65fe9e98fd4d3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/937b8b8eb6080ec483c17a1f397419ea0ea8bc65...5e55e16e5064fa8a8d6d1253fcf65fe9e98fd4d3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to