diff options
| author | Bastien Roucariès <rouca@debian.org> | 2024-02-22 09:25:02 +0000 |
|---|---|---|
| committer | Bastien Roucariès <rouca@debian.org> | 2024-02-22 09:25:02 +0000 |
| commit | 2f250824eeb595aa560a5d58364d4e7a120b09ac (patch) | |
| tree | b92d907952a5523f064d3511930fcc6559a32220 /data | |
| parent | fdc095e7f57bd523d624908fe5e554585060703b (diff) | |
Reserve DLA-3737-1 for imagemagick
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 2 | ||||
| -rw-r--r-- | data/DLA/list | 3 | ||||
| -rw-r--r-- | data/dla-needed.txt | 5 |
3 files changed, 3 insertions, 7 deletions
diff --git a/data/CVE/list b/data/CVE/list index b369aa4174..002eaa247a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -56179,7 +56179,6 @@ CVE-2023-1289 (A vulnerability was discovered in ImageMagick where a specially c - imagemagick 8:6.9.12.98+dfsg1-2 [bookworm] - imagemagick <no-dsa> (Minor issue) [bullseye] - imagemagick <no-dsa> (Minor issue) - [buster] - imagemagick <postponed> (Should be fixed together with some other CVEs) NOTE: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr NOTE: https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4 (7.1.1-0) NOTE: https://github.com/ImageMagick/ImageMagick6/commit/706d381b7eb79927d328c96f7b7faab5dc109368 (6.9.12-78) @@ -121834,7 +121833,6 @@ CVE-2023-34151 (A vulnerability was found in ImageMagick. This security flaw ouc - imagemagick 8:6.9.12.98+dfsg1-2 (bug #1036999) [bookworm] - imagemagick <no-dsa> (Minor issue) [bullseye] - imagemagick <no-dsa> (Minor issue) - [buster] - imagemagick <no-dsa> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/6341 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/3d6d98d8a2be30d74172ab43b5b8e874d2deb158 (7.1.1-10) NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/133089f716f23ce0b80d89ccc1fd680960235512 (6.9.12-88) diff --git a/data/DLA/list b/data/DLA/list index 3a0e10e6d7..780a73866b 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[22 Feb 2024] DLA-3737-1 imagemagick - security update + {CVE-2023-1289 CVE-2023-5341 CVE-2023-34151 CVE-2023-39978} + [buster] - imagemagick 8:6.9.10.23+dfsg-2.1+deb10u6 [21 Feb 2024] DLA-3736-1 unbound - security update {CVE-2023-50387 CVE-2023-50868} [buster] - unbound 1.9.0-2+deb10u4 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 5eb34f7980..2d8e947e37 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -122,11 +122,6 @@ i2p NOTE: 20230809: Added by Front-Desk (Beuc) NOTE: 20230809: Experimental issue-based workflow: please self-assign and follow https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/28 -- -imagemagick - NOTE: 20230622: Added by Front-Desk (Beuc) - NOTE: 20230622: Requested by maintainer (rouca) to tidy remaining open CVEs (Beuc/front-desk) - NOTE: 20231014: Some work under git branch debian/buster but unease --- iwd (Chris Lamb) NOTE: 20240218: Added by Front-Desk (lamby) -- |