Tobias Quathamer pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
072e6c2d by Dr. Tobias Quathamer at 2025-01-29T13:52:54+01:00
lts: claim flightgear and simgear
- - - - -
982913b3 by Dr. Tobias Quathamer at 2025-01-29T13:52:55+01:00
Add info about backported patches for flightgear and simgear
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -734,6 +734,8 @@ CVE-2025-0781 (An attacker can bypass the sandboxing of
Nasal scripts and arbitr
[bullseye] - simgear <no-dsa> (Minor issue)
NOTE: Fixed by:
https://gitlab.com/flightgear/flightgear/-/commit/ad37afce28083fad7f79467b3ffdead753584358
NOTE: Fixed by:
https://gitlab.com/flightgear/simgear/-/commit/5bb023647114267141a7610e8f1ca7d6f4f5a5a8
+ NOTE: Backported patch for 2020.3.6:
https://gitlab.com/frougon/flightgear-flightgear/-/commit/cf99dc921aadab502ff90a1dd943d8bbb897de91
+ NOTE: Backported patch for 2020.3.6:
https://gitlab.com/frougon/flightgear-simgear/-/commit/f2e8c8ce3925e62275d97d46c73c32cbc864d80b
CVE-2024-31906 (IBM Automation Decision Services 23.0.2 allows web pages to be
stored ...)
NOT-FOR-US: IBM
CVE-2024-13505 (The Survey Maker plugin for WordPress is vulnerable to Stored
Cross-Si ...)
=====================================
data/dla-needed.txt
=====================================
@@ -77,7 +77,7 @@ espeak-ng
NOTE: 20241014: Still looking at the incomplete fixes (abhijith)
NOTE: 20241104: haven't spend time to look in to it. Will look after fixing
puma (abhijith)
--
-flightgear (Emilio)
+flightgear (Tobias Quathamer)
NOTE: 20250129: Added by Front-Desk (pochu)
NOTE: 20250129: maintainer will upload a fixed package (pochu)
--
@@ -228,7 +228,7 @@ shadow
NOTE: 20250105: shadow is a high-profile package. Upstream discussion for
CVE-2024-56433 is
NOTE: 20250105: ongoing. I'm adding it to dla-needed.txt to keep it on our
radar.
--
-simgear (Emilio)
+simgear (Tobias Quathamer)
NOTE: 20250129: Added by Front-Desk (pochu)
NOTE: 20250129: maintainer will upload a fixed package (pochu)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/12ade3c5e918df8e571bfcc5466d93a43939bcd6...982913b3d4ba98c82c4f7bf83fdcb5fc7c971408
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/12ade3c5e918df8e571bfcc5466d93a43939bcd6...982913b3d4ba98c82c4f7bf83fdcb5fc7c971408
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
