Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cc67988d by Abhijith PA at 2024-01-17T15:52:17+05:30
Reserve DLA-3712-1 for kodi
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -41801,7 +41801,6 @@ CVE-2023-30208
CVE-2023-30207 (A divide by zero issue discovered in Kodi Home Theater
Software 19.5 a ...)
- kodi 2:20.0~rc2+dfsg-2 (bug #1040593)
[bullseye] - kodi <no-dsa> (Minor issue)
- [buster] - kodi <no-dsa> (Minor issue)
NOTE: https://github.com/xbmc/xbmc/issues/22378
NOTE:
https://github.com/xbmc/xbmc/commit/dbc00c500f4c4830049cc040a61c439c580eea73
NOTE: https://github.com/xbmc/xbmc/pull/22391
@@ -63494,7 +63493,6 @@ CVE-2023-23083
CVE-2023-23082 (A heap buffer overflow vulnerability in Kodi Home Theater
Software up ...)
- kodi 2:20.0+dfsg-2 (bug #1031048)
[bullseye] - kodi <no-dsa> (Minor issue)
- [buster] - kodi <no-dsa> (Minor issue)
NOTE: https://github.com/xbmc/xbmc/issues/22377
NOTE:
https://github.com/xbmc/xbmc/commit/00fec1dbdd1df827872c7b55ad93059636dfc076
NOTE:
https://github.com/xbmc/xbmc/commit/7e5f9fbf9aaa3540aab35e7504036855b23dcf60
@@ -159825,7 +159823,6 @@ CVE-2021-42918
CVE-2021-42917 (Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows
attacker ...)
- kodi 2:19.3+dfsg1-1 (bug #998419)
[bullseye] - kodi 2:19.1+dfsg2-2+deb11u1
- [buster] - kodi <no-dsa> (Minor issue)
[stretch] - kodi <postponed> (no point in fixing this when the more
severe CVE-2017-5982 is ignored)
- xbmc <removed>
NOTE:
https://github.com/xbmc/xbmc/commit/80c8138c09598e88b4ddb6dbb279fa193bbb3237
@@ -448280,7 +448277,6 @@ CVE-2017-5983 (The JIRA Workflow Designer Plugin in
Atlassian JIRA Server before
NOT-FOR-US: JIRA Workflow Designer Plugin
CVE-2017-5982 (Directory traversal vulnerability in the Chorus2 2.4.2 add-on
for Kodi ...)
- kodi 2:18.6+dfsg1-1 (bug #855225)
- [buster] - kodi <ignored> (Minor issue)
[stretch] - kodi <ignored> (Minor issue)
[jessie] - kodi <ignored> (Minor issue)
- xbmc <removed> (bug #861274)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[17 Jan 2024] DLA-3712-1 kodi - security update
+ {CVE-2017-5982 CVE-2021-42917 CVE-2023-23082 CVE-2023-30207}
+ [buster] - kodi 2:17.6+dfsg1-4+deb10u1
[10 Jan 2024] DLA-3711-1 linux-5.10 - security update
{CVE-2021-44879 CVE-2023-5178 CVE-2023-5197 CVE-2023-5717 CVE-2023-6121
CVE-2023-6531 CVE-2023-6817 CVE-2023-6931 CVE-2023-6932 CVE-2023-25775
CVE-2023-34324 CVE-2023-35827 CVE-2023-45863 CVE-2023-46813 CVE-2023-46862
CVE-2023-51780 CVE-2023-51781 CVE-2023-51782}
[buster] - linux-5.10 5.10.205-2~deb10u1
=====================================
data/dla-needed.txt
=====================================
@@ -115,11 +115,6 @@ keystone (rouca)
knot-resolver (Markus Koschany)
NOTE: 20231029: Added by Front-Desk (gladk)
--
-kodi (Abhijith PA)
- NOTE: 20231228: Added by Front-Desk (lamby)
- NOTE: 20231228: CVE-2021-42917 was postponed in 2021; fixed in bullseye via
DSA or point release. (lamby)
- NOTE: 20240414: Fixed issues.
https://people.debian.org/~abhijith/upload/kport/update/. Testing (abhijith)
---
libreswan
NOTE: 20230817: Added by Front-Desk (ta)
NOTE: 20230909: Prepared a patch for CVE-2023-38712 and pushed it to
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc67988d2ce63a7661ca0091af3876ce01cb50f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc67988d2ce63a7661ca0091af3876ce01cb50f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
