From cbb8486e374a58925340fc83d6fe8106e1e25800 Mon Sep 17 00:00:00 2001 From: Dominik George Date: Thu, 17 Nov 2022 11:37:28 +0100 Subject: Reserve DLA-3193-1 for joblib --- data/DLA/list | 3 +++ data/dla-needed.txt | 3 --- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'data') diff --git a/data/DLA/list b/data/DLA/list index d670cf8c8b..8a908a4a55 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[17 Nov 2022] DLA-3193-1 joblib - security update + {CVE-2022-21797} + [buster] - joblib 0.13.0-2+deb10u1 [17 Nov 2022] DLA-3192-1 lava - security update {CVE-2022-42902} [buster] - lava 2019.01-5+deb10u1 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 461a345507..cc3bc01832 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -114,9 +114,6 @@ jhead NOTE: 20221031: Note that multiple options are vulnerable. The attacker have to trick someone to execute the command but arbitrary code exectuion is not good.. NOTE: 20221031: It should be stated in the DLA that multiple options are affected.. -- -joblib (Dominik George) - NOTE: 20221006: Programming language: Python. --- jqueryui NOTE: 20221111: Programming language: JavaScript. NOTE: 20221111: Follow fixes from bullseye 11.2 (and jessie/elts) (Beuc/front-desk) -- cgit v1.2.3