diff options
| author | Guilhem Moulin <guilhem@debian.org> | 2022-11-25 13:31:49 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@debian.org> | 2022-11-25 13:31:49 +0100 |
| commit | 0c90cfd74733d33b0d1593a13f1775a0a8598456 (patch) | |
| tree | be4a463c2b9857cf530f2526d293ba25f05b03f6 /data | |
| parent | 0e14697e0fc1ea55d26b9b7736085635dca6fde6 (diff) | |
Reserve DLA-3205-1 for inetutils
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 3 | ||||
| -rw-r--r-- | data/DLA/list | 3 | ||||
| -rw-r--r-- | data/dla-needed.txt | 4 |
3 files changed, 3 insertions, 7 deletions
diff --git a/data/CVE/list b/data/CVE/list index b42945c47b..6adb6eda26 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -21232,7 +21232,6 @@ CVE-2022-3019 (The forgot password token basically just makes us capable of taki CVE-2022-39028 (telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and ...) - inetutils 2:2.3-5 [bullseye] - inetutils 2:2.0-1+deb11u1 - [buster] - inetutils <no-dsa> (Minor issue) NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2022-08/msg00002.html NOTE: https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html CVE-2022-38795 @@ -90559,7 +90558,6 @@ CVE-2021-40438 (A crafted request uri-path can cause mod_proxy to forward the re CVE-2021-40491 (The ftp client in GNU Inetutils before 2.2 does not validate addresses ...) - inetutils 2:2.2-1 (bug #993476) [bullseye] - inetutils 2:2.0-1+deb11u1 - [buster] - inetutils <no-dsa> (Minor issue) [stretch] - inetutils <no-dsa> (Minor issue) NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-06/msg00002.html NOTE: https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd @@ -285063,7 +285061,6 @@ CVE-2019-0053 (Insufficient validation of environment variables in the telnet cl [buster] - socks4-server <ignored> (Minor issue) [stretch] - socks4-server <ignored> (Minor issue) - inetutils 2:1.9.4-11 (low; bug #945861) - [buster] - inetutils <ignored> (Minor issue) [stretch] - inetutils <ignored> (Minor issue) [jessie] - inetutils <no-dsa> (Minor issue) NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:12.telnet.asc diff --git a/data/DLA/list b/data/DLA/list index 780bc6a251..186e3c62a9 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[25 Nov 2022] DLA-3205-1 inetutils - security update + {CVE-2019-0053 CVE-2020-8284 CVE-2021-40491 CVE-2022-39028} + [buster] - inetutils 2:1.9.4-7+deb10u2 [24 Nov 2022] DLA-3204-1 vim - security update {CVE-2022-0318 CVE-2022-0392 CVE-2022-0629 CVE-2022-0696 CVE-2022-1619 CVE-2022-1621 CVE-2022-1785 CVE-2022-1897 CVE-2022-1942 CVE-2022-2000 CVE-2022-2129 CVE-2022-3235 CVE-2022-3256 CVE-2022-3352} [buster] - vim 2:8.1.0875-5+deb10u4 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 97094d904f..3a2b7a0fe7 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -92,10 +92,6 @@ imagemagick NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git NOTE: 20220904: Should be synced with Stretch. (apo) -- -inetutils (guilhem) - NOTE: 20221112: Programming language: C. - NOTE: 20221112: Follow fixes from bullseye 11.5 (Beuc/front-desk) --- ini4j NOTE: 20221012: Programming language: Java. NOTE: 20221012: Require investigation (lamby) |