Adrian Bunk pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
72dabf92 by Adrian Bunk at 2024-03-06T22:11:22+02:00
Reserve DLA-3753-1 for yard
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -329064,7 +329064,6 @@ CVE-2019-1020002 (Pterodactyl before 0.7.14 with 2FA
allows credential sniffing.
NOT-FOR-US: Pterodactyl
CVE-2019-1020001 (yard before 0.9.20 allows path traversal.)
- yard 0.9.20-1 (low; bug #945369)
- [buster] - yard <no-dsa> (Minor issue)
[stretch] - yard <no-dsa> (Minor issue)
[jessie] - yard <not-affected> (Bug was introduced in 0.9.6)
NOTE:
https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Mar 2024] DLA-3753-1 yard - security update
+ {CVE-2019-1020001 CVE-2024-27285}
+ [buster] - yard 0.9.16-1+deb10u1
[05 Mar 2024] DLA-3752-1 libuv1 - security update
{CVE-2024-24806}
[buster] - libuv1 1.24.1-1+deb10u2
=====================================
data/dla-needed.txt
=====================================
@@ -332,9 +332,6 @@ varnish
NOTE: 20240122: Still fixing tests (abhijith)
NOTE: 20240213: Fixing tests.(abhijith)
--
-yard (Adrian Bunk)
- NOTE: 20240303: Added by Front-Desk (apo)
---
zabbix
NOTE: 20240212: Added by Front-Desk (utkarsh)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72dabf922fd5d03bcbaa624bca60975d06b61ac2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72dabf922fd5d03bcbaa624bca60975d06b61ac2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
