Guilhem Moulin pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b28985fd by Guilhem Moulin at 2024-01-26T14:52:29+01:00
Triage CVE-2023-48795/dropbear for buster.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -7186,6 +7186,7 @@ CVE-2023-32230 (An improper handling of a malformed API
request to an API server
NOT-FOR-US: Bosch
CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions,
found in O ...)
{DSA-5601-1 DSA-5600-1 DSA-5599-1 DSA-5591-1 DSA-5588-1 DSA-5586-1
DLA-3719-1 DLA-3718-1 DLA-3694-1}
+ [buster] - dropbear <not-affected> (ChaCha20-Poly1305 support
introduced in 2020.79; *-EtM not supported as of 2022.83)
- dropbear 2022.83-4 (bug #1059001)
[bookworm] - dropbear <no-dsa> (Minor issue)
[bullseye] - dropbear <no-dsa> (Minor issue)
=====================================
data/dla-needed.txt
=====================================
@@ -75,9 +75,6 @@ dogecoin
NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix;
NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the
initiatives. (Beuc/front-desk)
--
-dropbear (guilhem)
- NOTE: 20231219: Added by Front-Desk (ta)
---
edk2
NOTE: 20231230: Added by Front-Desk (lamby)
NOTE: 20231230: CVE-2019-11098 fixed in bullseye via DSA or point release
(lamby)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b28985fd3876c234124649177e37a6031ae0c300
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b28985fd3876c234124649177e37a6031ae0c300
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
