Sean Whitton pushed to branch master at Debian Security Tracker / security-tracker
Commits: 23dd068e by Sean Whitton at 2023-10-28T15:06:31+01:00 Reserve DLA-3634-1 for nss - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -222425,7 +222425,6 @@ CVE-2020-25649 (A flaw was found in FasterXML Jackson Databind, where it did not NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1) CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...) - nss 2:3.58-1 - [buster] - nss <no-dsa> (Minor issue) [stretch] - nss <no-dsa> (Minor issue) NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private) ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[28 Oct 2023] DLA-3634-1 nss - security update + {CVE-2020-25648 CVE-2023-4421} + [buster] - nss 2:3.42.1-1+deb10u7 [28 Oct 2023] DLA-3633-1 gst-plugins-bad1.0 - security update {CVE-2023-40474 CVE-2023-40475 CVE-2023-40476} [buster] - gst-plugins-bad1.0 1.14.4-1+deb10u4 ===================================== data/dla-needed.txt ===================================== @@ -129,11 +129,6 @@ nova NOTE: 20230302: zigo currently has no time and requests the LTS team to do it (IRC #debian-lts 2023-03-02). (Beuc/front-desk) NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder. (lamby) -- -nss (Sean Whitton) - NOTE: 20231015: Added by Front-Desk (ta) - NOTE: 20231027: Patches backported. New tests for CVE-2020-25648 do not pass. - NOTE: 20231027: Asked upstream dev-tech-crypto ML (spwhitton). --- nvidia-cuda-toolkit NOTE: 20230514: Added by Front-Desk (utkarsh) NOTE: 20230514: package listed in packages-to-support; a bunch of CVEs have View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23dd068e50af44a19d3ffc6ae5471bdbe3754904 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23dd068e50af44a19d3ffc6ae5471bdbe3754904 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits