Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: e516b8ce by Thorsten Alteholz at 2022-04-11T00:06:08+02:00 mark CVE-2022-1253 as no-dsa for Stretch - - - - - 859720f9 by Thorsten Alteholz at 2022-04-11T00:06:08+02:00 add puma - - - - - 62c5f516 by Thorsten Alteholz at 2022-04-11T00:06:08+02:00 add salt - - - - - 5ac4913a by Thorsten Alteholz at 2022-04-11T00:06:09+02:00 mark CVE-2021-43725 as no-dsa for Stretch - - - - - c46b5006 by Thorsten Alteholz at 2022-04-11T00:06:10+02:00 mark CVE-2021-33657 as no-dsa for Stretch - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -536,6 +536,7 @@ CVE-2022-1254 RESERVED CVE-2022-1253 (Heap-based Buffer Overflow in GitHub repository strukturag/libde265 pr ...) - libde265 <unfixed> + [stretch] - libde265 <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/1-other-strukturag/libde265/ NOTE: https://github.com/strukturag/libde265/commit/8e89fe0e175d2870c39486fdd09250b230ec10b8 CVE-2022-1252 @@ -29072,6 +29073,7 @@ CVE-2021-43726 CVE-2021-43725 (There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login. ...) - spotweb <removed> [buster] - spotweb <no-dsa> (Minor issue) + [stretch] - spotweb <no-dsa> (Minor issue) NOTE: https://github.com/spotweb/spotweb/commit/2bfa001689aae96009688a193c64478647ba45a1 NOTE: https://github.com/spotweb/spotweb/issues/718 CVE-2021-43724 (A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS throug ...) @@ -56107,9 +56109,11 @@ CVE-2021-33657 (There is a heap overflow problem in video/SDL_pixels.c in SDL (S - libsdl1.2 <unfixed> [bullseye] - libsdl1.2 <no-dsa> (Minor issue) [buster] - libsdl1.2 <no-dsa> (Minor issue) + [stretch] - libsdl1.2 <no-dsa> (Minor issue) - libsdl2 2.0.20+dfsg-2 [bullseye] - libsdl2 <no-dsa> (Minor issue) [buster] - libsdl2 <no-dsa> (Minor issue) + [stretch] - libsdl2 <no-dsa> (Minor issue) NOTE: https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9 (release-2.0.20) CVE-2021-33656 RESERVED ===================================== data/dla-needed.txt ===================================== @@ -113,6 +113,8 @@ openvpn pdns NOTE: 20220402: harmonize with buster/10.8 (Beuc) -- +puma +-- puppet-module-puppetlabs-firewall NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc) -- @@ -121,6 +123,8 @@ ring (Abhijith PA) NOTE: 20220404: package in archive is faulty. New regs can't be done due (abhijith) NOTE: 20220404: a network error (abhijith -- +salt +-- samba NOTE: 20211128: WIP https://salsa.debian.org/lts-team/packages/samba/ NOTE: 20211212: Fix is too large, coordination with ELTS-upload (anton) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9306762e6bf64fc17d142cd4d753c97cf7f4802e...c46b500648db5d929e7511c29d8731ba5857de17 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9306762e6bf64fc17d142cd4d753c97cf7f4802e...c46b500648db5d929e7511c29d8731ba5857de17 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits