diff options
| author | Adrian Bunk <bunk@debian.org> | 2024-03-15 18:43:03 +0200 |
|---|---|---|
| committer | Adrian Bunk <bunk@debian.org> | 2024-03-15 18:43:03 +0200 |
| commit | 62f505787f67bbc9ca45d0141b0600de207e9bba (patch) | |
| tree | a0f55d64212bdab611b1f690fe8c447a7ef0230d /data | |
| parent | bc4c12fc42916abc7ae9c1b72d3be9a945f47e08 (diff) | |
Reserve DLA-3762-1 for unadf
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 2 | ||||
| -rw-r--r-- | data/DLA/list | 3 | ||||
| -rw-r--r-- | data/dla-needed.txt | 4 |
3 files changed, 3 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list index a8bb4d3311..df8eb3cf97 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -505651,7 +505651,6 @@ CVE-2016-1244 (The extractTree function in unADF allows remote attackers to exec - unadf 0.7.11a-6 (bug #838248) [bookworm] - unadf 0.7.11a-5+deb12u1 [bullseye] - unadf 0.7.11a-4+deb11u1 - [buster] - unadf <no-dsa> (Minor issue) NOTE: Fixed by: https://github.com/lclevy/ADFlib/commit/8e973d7b894552c3a3de0ccd2d1e9cb0b8e618dd NOTE: The changes between 0.7.11a-3 and 0.7.11a-4 did not include the upstream fix. CVE-2016-1243 (Stack-based buffer overflow in the extractTree function in unADF allow ...) @@ -505659,7 +505658,6 @@ CVE-2016-1243 (Stack-based buffer overflow in the extractTree function in unADF - unadf 0.7.11a-6 (bug #838248) [bookworm] - unadf 0.7.11a-5+deb12u1 [bullseye] - unadf 0.7.11a-4+deb11u1 - [buster] - unadf <no-dsa> (Minor issue) NOTE: Fixed by: https://github.com/lclevy/ADFlib/commit/8e973d7b894552c3a3de0ccd2d1e9cb0b8e618dd NOTE: The changes between 0.7.11a-3 and 0.7.11a-4 did not include the upstream fix. CVE-2016-1242 (file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3 ...) diff --git a/data/DLA/list b/data/DLA/list index f71e8960ee..c2c394133f 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[15 Mar 2024] DLA-3762-1 unadf - security update + {CVE-2016-1243 CVE-2016-1244} + [buster] - unadf 0.7.11a-4+deb11u1~deb10u1 [15 Mar 2024] DLA-3761-1 spip - security update {CVE-2023-52322} [buster] - spip 3.2.4-1+deb10u13 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index bbd2ac4057..73955aa65c 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -298,10 +298,6 @@ tiff tomcat9 NOTE: 20240121: Added by Front-Desk (apo) -- -unadf (Adrian Bunk) - NOTE: 20240314: Added by Front-Desk (Beuc) - NOTE: 20240314: Follow fixes from bullseye 11.9 (two 2016 CVEs) (Beuc/front-desk) --- varnish NOTE: 20231117: Added by Front-Desk (apo) NOTE: 20231204: Working on pre commits for CVE-2023-44487, https://github.com/varnishcache/varnish-cache/pull/4004 |