[Git][security-tracker-team/security-tracker][master] add php7.3

2023-08-19 Thread Thorsten Alteholz (@alteholz)


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
589fd541 by Thorsten Alteholz at 2023-08-20T01:03:43+02:00
add php7.3

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -145,6 +145,9 @@ otrs2 (guilhem)
   NOTE: 20230811: Lots of CVEs have been marked no-dsa or ignored (Non-free 
not supported),
   NOTE: 20230811: but this is a sponsored package, so they need to be fixed. 
(Beuc/front-desk)
 --
+php7.3
+  NOTE: 20230820: Added by Front-Desk (ta)
+--
 python-glance-store
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, 
python-os-brick, nova and cinder.
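Review bot: the new php7.3 entry gives no reason for being on the list. Its only NOTE is "Added by Front-Desk (ta)", while the python-glance-store entry directly below names the CVE that triggered it. A second NOTE line listing the open CVE(s) or the upstream release that prompted the addition would let whoever claims the package start without re-deriving the triage. The commit message "add php7.3" does not carry that information either.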



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/589fd541ed0ed35e4bdf2901b4537220beb62a88

You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Add php7.3 to dsa-needed list

2021-02-13 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fb67732a by Salvatore Bonaccorso at 2021-02-13T20:20:29+01:00
Add php7.3 to dsa-needed list

- - - - -


1 changed file:

- data/dsa-needed.txt


Changes:

=
data/dsa-needed.txt
=
@@ -24,6 +24,9 @@ linux (carnil)
 netty
   Markus Koschany possibly can prepare update
 --
+php7.3
+  Maintainer proposed an update via 7.3.27
+--
 python-pysaml2
 --
 screen
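Review bot: the added note "Maintainer proposed an update via 7.3.27" does not say where the proposal was made or which issues the 7.3.27 update is meant to cover. A pointer to the proposal (bug number or mail reference) and the CVE ids in scope would make the entry actionable for whoever reviews the upload. As written, the line also names no assignee, unlike the "linux (carnil)" entry visible in the hunk header.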



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb67732a2e0102e0ba354f441b61d2d533b409fe


[Git][security-tracker-team/security-tracker][master] Add php7.3 source package as well for CVE-2017-7272

2019-07-13 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2427d44c by Salvatore Bonaccorso at 2019-07-13T22:19:40Z
Add php7.3 source package as well for CVE-2017-7272

It is very unlikely that something will happen for CVE-2017-7272 and
the related CVE-2017-7189 as the original proposed fix which went into
upstream releases was shortly after again reverted as too many real
world applications got broken.

Another approach so far did not arise.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -121135,6 +121135,8 @@ CVE-2017-7273 (The cp_report_fixup function in 
drivers/hid/hid-cypress.c in the
NOTE: Fixed by: 
https://git.kernel.org/linus/1ebb71143758f45dc0fa76e2f48429e13b16d110
 CVE-2017-7272 (PHP through 7.1.11 enables potential SSRF in applications that 
accept  ...)
{DLA-875-1}
+   - php7.3 
+   [buster] - php7.3  (Upstream patch breaks existing 
applications, was reverted again, revisit if a new approach has been identified)
- php7.1 
- php7.0 
[stretch] - php7.0  (Upstream patch breaks existing 
applications, revisit if a new approach has been identified)
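Review bot: only the CVE-2017-7272 entry gains php7.3 lines, although the commit message names CVE-2017-7189 as related and equally unlikely to be fixed. If php7.3 is tracked under CVE-2017-7189 as well, the same two lines belong there, and that entry should be checked before merging. Separately, the new [buster] note records that the upstream patch "was reverted again", while the existing [stretch] php7.0 note for the same CVE omits the revert. Aligning the two notes would keep the history consistent across releases.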



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2427d44cf05f40af7697879d12394c106543d63f
