From 44619aae5b33013176b4d0de2aafd43c8ba5ffbb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bastien=20Roucari=C3=A8s?= Date: Sun, 26 Mar 2023 20:41:39 +0000 Subject: Reserve DLA-3368-1 for libreoffice --- data/CVE/list | 4 ---- data/DLA/list | 3 +++ data/dla-needed.txt | 4 ---- 3 files changed, 3 insertions(+), 8 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index 1dd640cb54..2846f3bc32 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -85380,17 +85380,14 @@ CVE-2022-26308 (Pandora FMS v7.0NG.760 and below allows an improper access contr CVE-2022-26307 (LibreOffice supports the storage of passwords for web connections in t ...) - libreoffice 1:7.3.3~rc1-2 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice (Minor issue) NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307 CVE-2022-26306 (LibreOffice supports the storage of passwords for web connections in t ...) - libreoffice 1:7.3.3~rc1-2 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice (Minor issue) NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306 CVE-2022-26305 (An Improper Certificate Validation vulnerability in LibreOffice existe ...) - libreoffice 1:7.3.2~rc2-1 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice (Minor issue) NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305 CVE-2022-26301 (TuziCMS v2.0.6 was discovered to contain a SQL injection vulnerability ...) NOT-FOR-US: TuziCMS @@ -157240,7 +157237,6 @@ CVE-2021-25637 CVE-2021-25636 (LibreOffice supports digital signatures of ODF documents and macros wi ...) - libreoffice 1:7.3.0-1 [bullseye] - libreoffice 1:7.0.4-4+deb11u2 - [buster] - libreoffice (Minor issue) [stretch] - libreoffice (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2056955 NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636 diff --git a/data/DLA/list b/data/DLA/list index 69e6aa0666..ae96dc09cc 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[26 Mar 2023] DLA-3368-1 libreoffice - security update + {CVE-2021-25636 CVE-2022-3140 CVE-2022-26305 CVE-2022-26306 CVE-2022-26307} + [buster] - libreoffice 1:6.1.5-3+deb10u8 [24 Mar 2023] DLA-3367-1 libdatetime-timezone-perl - new timezone database [buster] - libdatetime-timezone-perl 1:2.23-1+2023b [24 Mar 2023] DLA-3366-1 tzdata - new timezone database diff --git a/data/dla-needed.txt b/data/dla-needed.txt index c4ad9f5894..e35e52b637 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -129,10 +129,6 @@ intel-microcode (tobi) libmicrohttpd (Thorsten Alteholz) NOTE: 20230313: Programming language: C. -- -libreoffice (rouca) - NOTE: 20221012: Programming language: C++. - NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git --- linux (Ben Hutchings) NOTE: 20230111: Programming language: C -- -- cgit v1.2.3