[Git][security-tracker-team/security-tracker][master] 3 commits: add libreswan

Thorsten Alteholz (@alteholz) Thu, 17 Aug 2023 14:38:02 -0700


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dd3396f4 by Thorsten Alteholz at 2023-08-17T23:19:24+02:00
add libreswan

- - - - -
d89edf09 by Thorsten Alteholz at 2023-08-17T23:27:57+02:00
mark CVE-2023-37543 as no-dsa for Buster

- - - - -
6bda3cd2 by Thorsten Alteholz at 2023-08-17T23:35:57+02:00
mark CVE-2023-40225 as not-affected for Buster

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -832,6 +832,7 @@ CVE-2023-40225 (HAProxy through 2.0.32, 2.1.x and 2.2.x 
through 2.2.30, 2.3.x an
        - haproxy 2.6.15-1 (bug #1043502)
        [bookworm] - haproxy <postponed> (Minor issue, fix along with future 
DSA)
        [bullseye] - haproxy <postponed> (Minor issue, fix along with future 
DSA)
+       [buster] - haproxy <not-affected> (Vulnerable code not present)
        NOTE: https://github.com/haproxy/haproxy/issues/2237
        NOTE: 
https://github.com/haproxy/haproxy/commit/6492f1f29d738457ea9f382aca54537f35f9d856
 CVE-2023-4283 (The EmbedPress plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
@@ -955,6 +956,7 @@ CVE-2023-37543 (Cacti before 1.2.6 allows IDOR (Insecure 
Direct Object Reference
        - cacti <unfixed>
        [bookworm] - cacti <no-dsa> (Minor issue)
        [bullseye] - cacti <no-dsa> (Minor issue)
+       [buster] - cacti <no-dsa> (Minor issue)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-4x82-8w8m-w8hj
        NOTE: 
https://medium.com/%40hussainfathy99/exciting-news-my-first-cve-discovery-cve-2023-37543-idor-vulnerability-in-cacti-bbb6c386afed
        TODO: check details once GHSA-4x82-8w8m-w8hj accessible, 1.2.6 does not 
seem correct, reporter claims 1.2.25 wich is not released


=====================================
data/dla-needed.txt
=====================================
@@ -89,6 +89,9 @@ intel-microcode (utkarsh)
   NOTE: 20230815: 
https://salsa.debian.org/lts-team/packages/intel-microcode/-/commits/releases/buster
   NOTE: 20230815: waiting for hmh to review. (utkarsh)
 --
+libreswan
+  NOTE: 20230817: Added by Front-Desk (ta)
+--
 linux (Ben Hutchings)
   NOTE: 20230111: perma-added for LTS package-specific delegation (bwh)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1ca787868baa231e16c7683eb8060e9df63cca89...6bda3cd25a83f41bea12b0ae259366c82cff5e42

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1ca787868baa231e16c7683eb8060e9df63cca89...6bda3cd25a83f41bea12b0ae259366c82cff5e42
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 3 commits: add libreswan

Reply via email to