Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: bbdc482f by Thorsten Alteholz at 2023-11-19T12:25:47+01:00 mark CVE-2023-42118 as postponed for Buster - - - - - 5e55e16e by Thorsten Alteholz at 2023-11-19T12:26:57+01:00 mark CVE for libspf2 as postponed and remove entry from dla-needed.txt - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -8906,6 +8906,7 @@ CVE-2023-42118 [Exim libspf2 Integer Underflow Remote Code Execution Vulnerabili - libspf2 <unfixed> (bug #1053870) [bookworm] - libspf2 <postponed> (Revisit once upstream and ZDI status is clarfied) [bullseye] - libspf2 <postponed> (Revisit once upstream and ZDI status is clarfied) + [buster] - libspf2 <postponed> (Revisit once upstream and ZDI status is clarfied) NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1472/ NOTE: https://bugs.exim.org/show_bug.cgi?id=3032 NOTE: https://www.openwall.com/lists/oss-security/2023/09/29/5 ===================================== data/dla-needed.txt ===================================== @@ -110,10 +110,6 @@ libreswan NOTE: 20230909: all due to code refactoring. I intend to package the version NOTE: 20230909: from Bullseye instead as soon as the maintainer uploads the fix. (apo) -- -libspf2 (Thorsten Alteholz) - NOTE: 20231016: Added by Front-Desk (ta) - NOTE: 20231105: upstream does not know yet, whether available patch is enough (ta) --- libstb (Adrian Bunk) NOTE: 20231029: Added by Front-Desk (gladk) NOTE: 20231029: A lot of open CVEs. Maybe duplicates. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/937b8b8eb6080ec483c17a1f397419ea0ea8bc65...5e55e16e5064fa8a8d6d1253fcf65fe9e98fd4d3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/937b8b8eb6080ec483c17a1f397419ea0ea8bc65...5e55e16e5064fa8a8d6d1253fcf65fe9e98fd4d3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits