[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-36811/borgbackup: follow stable triage for buster

Sat, 02 Dec 2023 12:57:15 -0800 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fae62075 by Sylvain Beucler at 2023-12-02T21:56:34+01:00
CVE-2023-36811/borgbackup: follow stable triage for buster

- - - - -
6a117129 by Sylvain Beucler at 2023-12-02T21:56:35+01:00
CVE-2023-37271,CVE-2023-41039/restrictedpython: buster postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14905,6 +14905,7 @@ CVE-2023-41039 (RestrictedPython is a restricted 
execution environment for Pytho
        - restrictedpython 6.2-1
        [bookworm] - restrictedpython <no-dsa> (Minor issue)
        [bullseye] - restrictedpython <no-dsa> (Minor issue)
+       [buster] - restrictedpython <postponed> (Minor issue, no rdeps)
        NOTE: 
https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-xjw2-6jm9-rf67
        NOTE: Fixed by: 
https://github.com/zopefoundation/RestrictedPython/commit/4134aedcff17c977da7717693ed89ce56d54c120
 CVE-2023-40848 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is 
vulnerable to Bu ...)
@@ -20988,6 +20989,7 @@ CVE-2023-36811 (borgbackup is an opensource, 
deduplicating archiver with compres
        - borgbackup 1.2.5-1
        [bookworm] - borgbackup <ignored> (Minor issue)
        [bullseye] - borgbackup <ignored> (Minor issue)
+       [buster] - borgbackup <ignored> (Minor issue)
        NOTE: 
https://github.com/borgbackup/borg/security/advisories/GHSA-8fjr-hghr-4m99
        NOTE: 
https://github.com/borgbackup/borg/commit/a2ee13fd341dcd004b4a06b17d6f2fc759327861
        NOTE: 
https://github.com/borgbackup/borg/commit/bfead4b288833f890523d8881797ff6b345edaf9
@@ -21716,6 +21718,7 @@ CVE-2023-37271 (RestrictedPython is a tool that helps 
to define a subset of the
        - restrictedpython 6.2-1 (bug #1041429)
        [bookworm] - restrictedpython <no-dsa> (Minor issue)
        [bullseye] - restrictedpython <no-dsa> (Minor issue)
+       [buster] - restrictedpython <postponed> (Minor issue, no rdeps)
        NOTE: 
https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-wqc8-x2pr-7jqh
        NOTE: 
https://github.com/zopefoundation/RestrictedPython/commit/c8eca66ae49081f0016d2e1f094c3d72095ef531
 (master)
        NOTE: 
https://github.com/zopefoundation/RestrictedPython/commit/d8c5aa72c5d0ec8eceab635d93d6bc8321116002
 (5.3)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a36de19cb67e81be08752dd69be71f9e8a8b6843...6a11712929c8b609d801cf58db5a9613578aaa51

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a36de19cb67e81be08752dd69be71f9e8a8b6843...6a11712929c8b609d801cf58db5a9613578aaa51
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to