[Git][security-tracker-team/security-tracker][master] Reserve DLA-3910-1 for e2fsprogs

Adrian Bunk (@bunk) Fri, 04 Oct 2024 06:44:34 -0700


Adrian Bunk pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
939e67bb by Adrian Bunk at 2024-10-04T16:44:12+03:00
Reserve DLA-3910-1 for e2fsprogs

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -196996,7 +196996,6 @@ CVE-2022-1305 (Use after free in storage in Google 
Chrome prior to 100.0.4896.88
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1304 (An out-of-bounds read/write vulnerability was found in 
e2fsprogs 1.46. ...)
        - e2fsprogs 1.46.6~rc1-1 (bug #1010263)
-       [bullseye] - e2fsprogs <no-dsa> (Minor issue)
        [buster] - e2fsprogs <no-dsa> (Minor issue)
        [stretch] - e2fsprogs <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2069726


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[04 Oct 2024] DLA-3910-1 e2fsprogs - security update
+       {CVE-2022-1304}
+       [bullseye] - e2fsprogs 1.46.2-2+deb11u1
 [03 Oct 2024] DLA-3909-1 zabbix - security update
        {CVE-2022-23132 CVE-2022-23133 CVE-2022-24349 CVE-2022-24917 
CVE-2022-24918 CVE-2022-24919 CVE-2022-35229 CVE-2022-35230 CVE-2022-43515 
CVE-2023-29449 CVE-2023-29450 CVE-2023-29454 CVE-2023-29455 CVE-2023-29456 
CVE-2023-29457 CVE-2023-29458 CVE-2023-32721 CVE-2023-32722 CVE-2023-32724 
CVE-2023-32726 CVE-2023-32727 CVE-2024-22114 CVE-2024-22116 CVE-2024-22119 
CVE-2024-22122 CVE-2024-22123 CVE-2024-36460 CVE-2024-36461}
        [bullseye] - zabbix 1:5.0.44+dfsg-1+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -61,10 +61,6 @@ dnsmasq
 docker.io
   NOTE: 20240922: Added by Front-Desk (apo)
 --
-e2fsprogs (Adrian Bunk)
-  NOTE: 20241002: Added by coordinator (santiago)
-  NOTE: 20241002: A sponsor requested a fix for CVE-2022-1304 (santiago)
---
 edk2
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: bullseye did not get most of DSA 5624-1 security fixes,



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/939e67bb9aff987e74ad74b4ee67c56d5a8f400f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/939e67bb9aff987e74ad74b4ee67c56d5a8f400f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3910-1 for e2fsprogs

Reply via email to