Reserve DLA-3209-1 for ini4j

author: Markus Koschany <apo@debian.org> 2022-11-28 11:08:10 +0100
committer: Markus Koschany <apo@debian.org> 2022-11-28 11:08:10 +0100
commit: 9dc57b5b6216f8efc8485acaacfea76543a45aa3 (patch)
tree: e3aa4f61bffa0bcb59f1d7d42e37cf3aad97689a /data
parent: 2f4ed6a1d763d7467ea47cdd7648ca6325661e6f (diff)
2 files changed, 3 insertions, 4 deletions
diff --git a/data/DLA/list b/data/DLA/list
index b03f4932a7..dc1ef182a1 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[28 Nov 2022] DLA-3209-1 ini4j - security update
+	{CVE-2022-41404}
+	[buster] - ini4j 0.5.4-1~deb10u1
 [27 Nov 2022] DLA-3208-1 varnish - security update
 	{CVE-2020-11653 CVE-2022-45060}
 	[buster] - varnish 6.1.1-1+deb10u4
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index a75c504380..16c437f1d5 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -89,10 +89,6 @@ imagemagick (Roberto C. Sánchez)
   NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git
   NOTE: 20220904: Should be synced with Stretch. (apo)
 --
-ini4j (Markus Koschany)
-  NOTE: 20221012: Programming language: Java.
-  NOTE: 20221012: Require investigation (lamby)
---
 jhead (Markus Koschany)
   NOTE: 20221031: Programming language: C.
   NOTE: 20221031: Note that multiple options are vulnerable. The attacker have to trick someone to execute the command but arbitrary code exectuion is not good..
author	Markus Koschany <apo@debian.org>	2022-11-28 11:08:10 +0100
committer	Markus Koschany <apo@debian.org>	2022-11-28 11:08:10 +0100
commit	9dc57b5b6216f8efc8485acaacfea76543a45aa3 (patch)
tree	e3aa4f61bffa0bcb59f1d7d42e37cf3aad97689a /data
parent	2f4ed6a1d763d7467ea47cdd7648ca6325661e6f (diff)