Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d002f8b by Ola Lundqvist at 2024-03-10T00:05:39+01:00
Removed knot-resolver from dla-needed and marked CVEs as either no-dsa or 
ignored following bullseye.

- - - - -
039a4be0 by Ola Lundqvist at 2024-03-10T00:09:37+01:00
Removed libstb from dla-needed and marked all its CVEs as no-dsa following 
buster.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -6732,6 +6732,7 @@ CVE-2023-50387 (Certain DNSSEC aspects of the DNS 
protocol (in RFC 4033, 4034, 4
        - dnsmasq 2.90-1
        - knot-resolver 5.7.1-1
        [bullseye] - knot-resolver <ignored> (Too intrusive to backport, if 
DNSSEC is used Bookworm can be used)
+       [buster] - knot-resolver <ignored> (Too intrusive to backport)
        - pdns-recursor 4.9.3-1 (bug #1063852)
        - unbound 1.19.1-1 (bug #1063845)
        - systemd 255.4-1
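Review bot: The added `[buster]` line for CVE-2023-50387 gives only "Too intrusive to backport", while the `[bullseye]` line directly above it and the `[buster]` line added for CVE-2023-50868 in the next hunk both carry the longer reason "Too intrusive to backport, if DNSSEC is used Bookworm can be used". If both CVEs are ignored for the same reason, use the same text on both so the tracker shows one consistent rationale; if the shorter text is deliberate, a NOTE saying why would help.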
@@ -6771,6 +6772,7 @@ CVE-2023-50868 (The Closest Encloser Proof aspect of the 
DNS protocol (in RFC 51
        - dnsmasq 2.90-1
        - knot-resolver 5.7.1-1
        [bullseye] - knot-resolver <ignored> (Too intrusive to backport, if 
DNSSEC is used Bookworm can be used)
+       [buster] - knot-resolver <ignored> (Too intrusive to backport, if 
DNSSEC is used Bookworm can be used)
        - pdns-recursor 4.9.3-1 (bug #1063852)
        - unbound 1.19.1-1 (bug #1063845)
        - systemd 255.4-1
@@ -27389,6 +27391,7 @@ CVE-2023-46317 (Knot Resolver before 5.7.0 performs 
many TCP reconnections upon
        {DSA-5633-1}
        - knot-resolver 5.7.0-1
        [bullseye] - knot-resolver <no-dsa> (Minor issue)
+       [buster] - knot-resolver <no-dsa> (Minor issue)
        NOTE: https://www.knot-resolver.cz/2023-08-22-knot-resolver-5.7.0.html
        NOTE: https://gitlab.nic.cz/knot/knot-resolver/-/merge_requests/1448
        NOTE: 
https://github.com/CZ-NIC/knot-resolver/commit/7aec8ebdf1428afcb7f5bc62764149ffeaf3d3fe
 (v6.0.6)
@@ -27556,48 +27559,56 @@ CVE-2023-45682 (stb_vorbis is a single file MIT 
licensed library for processing
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 15)
        NOTE: https://github.com/nothings/stb/pull/1560
 CVE-2023-45681 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 14)
        NOTE: https://github.com/nothings/stb/pull/1559
 CVE-2023-45680 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 13)
        NOTE: https://github.com/nothings/stb/pull/1558
 CVE-2023-45679 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 12)
        NOTE: https://github.com/nothings/stb/pull/1557
 CVE-2023-45678 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 11)
        NOTE: https://github.com/nothings/stb/pull/1556
 CVE-2023-45677 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 10)
        NOTE: https://github.com/nothings/stb/pull/1555
 CVE-2023-45676 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 9)
        NOTE: https://github.com/nothings/stb/pull/1554
 CVE-2023-45675 (stb_vorbis is a single file MIT licensed library for 
processing ogg vo ...)
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 8)
        NOTE: https://github.com/nothings/stb/issues/1552
        NOTE: https://github.com/nothings/stb/pull/1553
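Review bot: The commit message for 039a4be0 says the libstb CVEs are marked no-dsa "following buster", but the eight `[buster]` lines in this hunk are the new entries and each one copies the `[bullseye]` line directly above it. The message for 0d002f8b says "following bullseye" for the same kind of change, so the wording looks like a slip; worth getting right next time, since the log is what people search later.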
@@ -27605,6 +27616,7 @@ CVE-2023-45667 (stb_image is a single file MIT licensed 
library for processing i
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 7)
        NOTE: https://github.com/nothings/stb/issues/1550
        NOTE: https://github.com/nothings/stb/pull/1551
@@ -27612,6 +27624,7 @@ CVE-2023-45666 (stb_image is a single file MIT licensed 
library for processing i
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 6)
        NOTE: https://github.com/nothings/stb/issues/1548
        NOTE: https://github.com/nothings/stb/pull/1549
@@ -27619,6 +27632,7 @@ CVE-2023-45664 (stb_image is a single file MIT licensed 
library for processing i
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 4)
        NOTE: https://github.com/nothings/stb/issues/1542
        NOTE: https://github.com/nothings/stb/pull/1545
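Review bot: The advisory issue numbers in the NOTE lines jump from issue 6 in the previous hunk (CVE-2023-45666) to issue 4 here (CVE-2023-45664), and no entry for issue 5 is touched anywhere in this diff, although issues 1 to 4 and 6 to 15 all gain a `[buster]` line. Please confirm that the entry for issue 5 either already has a buster status or does not list libstb, so that removing libstb from data/dla-needed.txt does not leave one CVE untriaged for buster.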
@@ -27626,6 +27640,7 @@ CVE-2023-45663 (stb_image is a single file MIT licensed 
library for processing i
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 3)
        NOTE: https://github.com/nothings/stb/issues/1542
        NOTE: https://github.com/nothings/stb/pull/1543
@@ -27633,6 +27648,7 @@ CVE-2023-45662 (stb_image is a single file MIT licensed 
library for processing i
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 2)
        NOTE: https://github.com/nothings/stb/issues/1540
        NOTE: https://github.com/nothings/stb/pull/1541
@@ -27640,6 +27656,7 @@ CVE-2023-45661 (stb_image is a single file MIT licensed 
library for processing i
        - libstb <unfixed> (bug #1054911)
        [bookworm] - libstb <no-dsa> (Minor issue)
        [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
 (issue 1)
        NOTE: https://github.com/nothings/stb/issues/1538
        NOTE: https://github.com/nothings/stb/pull/1539


=====================================
data/dla-needed.txt
=====================================
@@ -113,9 +113,6 @@ jenkins-htmlunit-core-js
 jetty9
   NOTE: 20240303: Added by Front-Desk (apo)
 --
-knot-resolver
-  NOTE: 20231029: Added by Front-Desk (gladk)
---
 libcommons-compress-java (Markus Koschany)
   NOTE: 20240303: Added by Front-Desk (apo)
 --
@@ -143,14 +140,6 @@ libssh
   NOTE: 20240227: <https://archive.libssh.org/libssh/2024-02/0000009.html>
   NOTE: 20240227: (spwhitton).
 --
-libstb
-  NOTE: 20231029: Added by Front-Desk (gladk)
-  NOTE: 20231029: A lot of open CVEs. Maybe duplicates.
-  NOTE: 20231029: If you take a package, please evaluate it as well as its 
importance.
-  NOTE: 20221119: None of the new CVE fixes has been reviewed by upstream so 
far,
-  NOTE: 20221119: and in the past CVE fixes have caused regressions.
-  NOTE: 20221119: Wait for upstream merge of fixes (and fixing in unstable). 
(bunk)
---
 linux (Ben Hutchings)
   NOTE: 20230111: perma-added for LTS package-specific delegation (bwh)
 --
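Review bot: The removed libstb entry held the only record of why the package was waiting ("None of the new CVE fixes has been reviewed by upstream so far", "in the past CVE fixes have caused regressions") along with a request to "evaluate it as well as its importance", but the matching data/CVE/list lines say only "(Minor issue)". Suggest recording the outcome of that evaluation somewhere durable, for example a NOTE on the CVE entries or a sentence in the commit message, so the reasoning is not lost with this deletion.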



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dbde68266ab01179bc528f5a569140f7dbe09b58...039a4be02023f34f77a2c4e6b484a93cef362aa2
