[Git][security-tracker-team/security-tracker][master] 3 commits: add openjdk-8

Thu, 20 Jan 2022 07:29:40 -0800 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
35e0ffe6 by Thorsten Alteholz at 2022-01-20T16:18:36+01:00
add openjdk-8

- - - - -
dcfaf2bc by Thorsten Alteholz at 2022-01-20T16:20:46+01:00
add nss

- - - - -
4f3dcb43 by Thorsten Alteholz at 2022-01-20T16:25:42+01:00
follow sec team and mark some CVEs of glibc as no-dsa

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1579,11 +1579,13 @@ CVE-2022-23219 (The deprecated compatibility function 
clnt_create in the sunrpc
        - glibc 2.33-3
        [bullseye] - glibc <no-dsa> (Minor issue)
        [buster] - glibc <no-dsa> (Minor issue)
+       [stretch] - glibc <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22542
 CVE-2022-23218 (The deprecated compatibility function svcunix_create in the 
sunrpc mod ...)
        - glibc 2.33-3
        [bullseye] - glibc <no-dsa> (Minor issue)
        [buster] - glibc <no-dsa> (Minor issue)
+       [stretch] - glibc <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28768
 CVE-2022-23217
        RESERVED
@@ -11160,12 +11162,14 @@ CVE-2021-3999 [Off-by-one buffer overflow/underflow 
in getcwd()]
        - glibc <unfixed>
        [bullseye] - glibc <no-dsa> (Minor issue)
        [buster] - glibc <no-dsa> (Minor issue)
+       [stretch] - glibc <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28769
 CVE-2021-3998 [Unexpected return value from realpath() for too long results]
        RESERVED
        - glibc <unfixed>
        [bullseye] - glibc <no-dsa> (Minor issue)
        [buster] - glibc <no-dsa> (Minor issue)
+       [stretch] - glibc <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28770
        NOTE: 
https://patchwork.sourceware.org/project/glibc/patch/20220113055920.3155918-1-siddh...@sourceware.org/
 CVE-2021-3997 [Uncontrolled recursion in systemd's systemd-tmpfiles]


=====================================
data/dla-needed.txt
=====================================
@@ -90,6 +90,11 @@ linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)
 --
+nss
+  NOTE: 20220120: no public information yet
+--
+openjdk-8 (Emilio)
+--
 pgbouncer (Christoph Berg)
   NOTE: 20220104: maintainer might want to upload fixed version
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f50403b7c75ece8064cfea5f8cc95e5d94fd845e...4f3dcb43ea85a8c9937a3da0a23a8b098962b962

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f50403b7c75ece8064cfea5f8cc95e5d94fd845e...4f3dcb43ea85a8c9937a3da0a23a8b098962b962
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to