[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2024-29131 as no-dsa for Buster

[Thorsten Alteholz (@alteholz)]

Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1c94ce76 by Thorsten Alteholz at 2024-03-23T00:15:36+01:00
mark CVE-2024-29131 as no-dsa for Buster

- - - - -
e8340133 by Thorsten Alteholz at 2024-03-23T00:27:46+01:00
mark CVE-2024-29133 as no-dsa for Buster

- - - - -
f31ee091 by Thorsten Alteholz at 2024-03-23T00:45:54+01:00
add python2.7

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -360,6 +360,7 @@ CVE-2024-29131 (Out-of-bounds Write vulnerability in Apache 
Commons Configuratio
        - commons-configuration2 <unfixed> (bug #1067513)
        [bookworm] - commons-configuration2 <no-dsa> (Minor issue)
        [bullseye] - commons-configuration2 <no-dsa> (Minor issue)
+       [buster] - commons-configuration2 <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2024/03/20/4
        NOTE: https://issues.apache.org/jira/browse/CONFIGURATION-840
        NOTE: Fixed by: 
https://github.com/apache/commons-configuration/commit/56b5c4dcdffbde27870df5a3105d6a5f9b22f554
 (commons-configuration-2.10.1-RC1)
@@ -369,6 +370,7 @@ CVE-2024-29133 (Out-of-bounds Write vulnerability in Apache 
Commons Configuratio
        - commons-configuration2 <unfixed> (bug #1067514)
        [bookworm] - commons-configuration2 <no-dsa> (Minor issue)
        [bullseye] - commons-configuration2 <no-dsa> (Minor issue)
+       [buster] - commons-configuration2 <no-dsa> (Minor issue)
        NOTE: https://issues.apache.org/jira/browse/CONFIGURATION-841
        NOTE: 
https://github.com/apache/commons-configuration/commit/43f4dab021e9acb8db390db2ae80aa0cee4f9ee4
 (commons-configuration-2.10.1-RC1)
        NOTE: https://www.openwall.com/lists/oss-security/2024/03/20/3


=====================================
data/dla-needed.txt
=====================================
@@ -219,6 +219,9 @@ python-asyncssh
   NOTE: 20240116: Added by Front-Desk (lamby)
   NOTE: 20240131: Patch for CVE-2023-46445 and CVE-2023-46446 backported and 
in Git, but one test is failing. Waiting for feedback before release. (dleidert)
 --
+python2.7
+  NOTE: 20240323: Added by Front-Desk (ta)
+--
 rails
   NOTE: 20220909: Re-added due to regression (abhijith)
   NOTE: 20220909: Regression on 2:5.2.2.1+dfsg-1+deb10u4 (abhijith)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ece81fa880c88927b8646486f0a3f1fc3113732a...f31ee091fe491891fc1bf5e06bc67cfc16ddb941

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ece81fa880c88927b8646486f0a3f1fc3113732a...f31ee091fe491891fc1bf5e06bc67cfc16ddb941
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits