diff options
author | Sylvain Beucler <beuc@beuc.net> | 2022-11-17 16:26:29 +0100 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2022-11-17 16:26:29 +0100 |
commit | 831e22fc63b46ae8b81fcd5362327ccd4ae6eaa8 (patch) | |
tree | 73c97fd49555c9792e1535b13619f8b433135a33 /data | |
parent | eced38e6e8be713b7ea3a69568c949a8cfc3841f (diff) |
Reserve DLA-3198-1 for php-phpseclib
Diffstat (limited to 'data')
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 6 |
2 files changed, 3 insertions, 6 deletions
diff --git a/data/DLA/list b/data/DLA/list index 746dc25ab0..dfb035bb17 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[17 Nov 2022] DLA-3198-1 php-phpseclib - security update + {CVE-2021-30130} + [buster] - php-phpseclib 2.0.30-2~deb10u1 [17 Nov 2022] DLA-3197-1 phpseclib - security update {CVE-2021-30130} [buster] - phpseclib 1.0.19-3~deb10u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 510959a47d..7766196a99 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -250,12 +250,6 @@ php-cas NOTE: 20221107: consider fixing all 3 packages; also check situation in ELTS for reference (Beuc/front-desk) NOTE: 20221110: upcoming DSA (Beuc/front-desk) -- -php-phpseclib (Sylvain Beucler) - NOTE: 20220909: Programming language: PHP. - NOTE: 20220909: Note the discussion whether 2.0 is in fact affected by the CVE or not. It looks like it is affected by a small part of it that is best to fix.. (ola) - NOTE: 20221104: Attempted to clarify vulnerability status (cf. 02cd83d1d917dc5964440185226aa11e40058546) (Beuc) - NOTE: 20221108: buster is missing testsuite in both phpseclib packages, contacted maintainer to decide whether to backport testsuite or just bump version (Beuc) --- php7.3 (Emilio) NOTE: 20221031: Programming language: C. NOTE: 20221031: CVE-2022-37454 is what is of most concern. |