Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c1909aaf by Salvatore Bonaccorso at 2024-05-04T16:31:09+02:00
Move expat to be released via point release update instead of DSA (minor issues
not warranting DSA)
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -26864,6 +26864,8 @@ CVE-2023-52426 (libexpat through 2.5.0 allows recursive
XML Entity Expansion if
CVE-2023-52425 (libexpat through 2.5.0 allows a denial of service (resource
consumptio ...)
{DLA-3783-1}
- expat 2.6.0-1 (bug #1063238)
+ [bookworm] - expat <no-dsa> (Minor issue; can be fixed via point
release)
+ [bullseye] - expat <no-dsa> (Minor issue; can be fixed via point
release)
NOTE: https://github.com/libexpat/libexpat/pull/789
NOTE: Merge commit:
https://github.com/libexpat/libexpat/commit/34b598c5f594b015c513c73f06e7ced3323edbf1
CVE-2020-36773 (Artifex Ghostscript before 9.53.0 has an out-of-bounds write
and use-a ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -20,8 +20,6 @@ dnsdist (jmm)
--
dnsmasq
--
-expat (carnil)
---
frr
Tobias Frost (tobi) proposed to work on preparing an update
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1909aaf9658e0ae743be41e17971ccbc01e3db4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1909aaf9658e0ae743be41e17971ccbc01e3db4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
