Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: 979f8dda by Roberto C. Sánchez at 2024-12-07T10:05:09-05:00 LTS: add gunicorn, jinja2, libpgjava, python-urllib3, renderdoc, and sqlparse - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -108,6 +108,11 @@ gsl NOTE: 20241206: CVE-2020-35357 was fixed in buster, is still open (no-dsa) in bullseye and bookworm NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/167 -- +gunicorn + NOTE: 20241206: Added by coordinator (roberto) + NOTE: 20241206: CVE-2024-1135 was fixed in buster, is still open (no-dsa) in bullseye and bookworm + NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/173 +-- haproxy (Thorsten Alteholz) NOTE: 20241201: Added by Front-Desk (ta) -- @@ -120,9 +125,19 @@ intel-microcode (tobi) jetty9 (Markus Koschany) NOTE: 20241110: Added by Front-Desk (apo) -- +jinja2 + NOTE: 20241206: Added by coordinator (roberto) + NOTE: 20241206: CVE-2024-22195 was fixed in buster, is still open (no-dsa) in bullseye and bookworm + NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/170 +-- knot-resolver NOTE: 20240924: Added by Front-Desk (lamby) -- +libpgjava + NOTE: 20241206: Added by coordinator (roberto) + NOTE: 20241206: CVE-2022-31197, CVE-2022-41946, and CVE-2024-1597 were fixed in buster, are still open (no-dsa) in bullseye (all 3) and bookworm (only CVE-2024-1597) + NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/168 +-- libsoup2.4 (Adrian Bunk) NOTE: 20241121: Added by Front-Desk (Beuc) NOTE: 20241121: Fix in unstable first, following libsoup3. @@ -166,6 +181,11 @@ python-aiohttp python-tornado (dleidert) NOTE: 20241130: Added by Front-Desk (ta) -- +python-urllib3 + NOTE: 20241206: Added by coordinator (roberto) + NOTE: 20241206: CVE-2023-43804 and CVE-2023-45803 were fixed in buster, are still open (no-dsa) in bullseye and bookworm + NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/174 +-- python-werkzeug (Sean Whitton) NOTE: 20241110: Added by Front-Desk (apo) -- @@ -177,6 +197,11 @@ qemu (santiago) NOTE: 20240815: CVE-2024-4467 fix also proposed for 12.7 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076504) NOTE: 20241119: Bookworm PU in progress https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086572 -- +renderdoc + NOTE: 20241206: Added by coordinator (roberto) + NOTE: 20241206: CVE-2023-33863, CVE-2023-33864, and CVE-2023-33865 were fixed in buster, are still open (no-dsa) in bullseye and bookworm + NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/171 +-- ruby-doorkeeper NOTE: 20241206: Added by coordinator (roberto) NOTE: 20241206: CVE-2023-34246 was fixed in buster, is still open (no-dsa) in bullseye and bookworm @@ -200,6 +225,11 @@ spip NOTE: 20240922: Knowing French may be useful. Determined fixing commit by NOTE: 20240922: diffing the releases on the 4.1.x branch. 3.x is already EOL. (apo) -- +sqlparse + NOTE: 20241206: Added by coordinator (roberto) + NOTE: 20241206: CVE-2023-30608 was fixed in buster, is still open (no-dsa) in bullseye and bookworm + NOTE: 20241206: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/175 +-- squid NOTE: 20240308: Added by oldstable Security Team (apo) NOTE: 20240308: Readd squid to dsa-needed.txt View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/979f8dda8110c4e1283114cb737d47d3264835e9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/979f8dda8110c4e1283114cb737d47d3264835e9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
