From d844feff265edf32a4ad8daf9028da305a870b80 Mon Sep 17 00:00:00 2001 From: Emilio Pozuelo Monfort Date: Wed, 9 Feb 2022 10:42:24 +0100 Subject: Reserve DLA-2915-1 for connman --- data/CVE/list.2021 | 1 - data/DLA/list | 3 +++ data/dla-needed.txt | 4 ---- 3 files changed, 3 insertions(+), 5 deletions(-) (limited to 'data') diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index a3dfc6a746..63045bc042 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -31555,7 +31555,6 @@ CVE-2021-33834 CVE-2021-33833 (ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based b ...) - connman 1.36-2.2 (bug #989662) [buster] - connman 1.36-2.1~deb10u2 - [stretch] - connman (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/06/09/1 NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c CVE-2021-33832 diff --git a/data/DLA/list b/data/DLA/list index 7ee3637774..1693721869 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[09 Feb 2022] DLA-2915-1 connman - security update + {CVE-2021-33833 CVE-2022-23096 CVE-2022-23097 CVE-2022-23098} + [stretch] - connman 1.33-3+deb9u3 [07 Feb 2022] DLA-2914-1 zabbix - security update {CVE-2022-23134} [stretch] - zabbix 1:3.0.32+dfsg-0+deb9u2 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 74f06e6a0f..07d40f09f2 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -18,10 +18,6 @@ ansible NOTE: 20210411: after that LTS. (apo) NOTE: 20210426: https://people.debian.org/~apo/lts/ansible/ -- -connman (Emilio) - NOTE: 20220203: harmonize with buster-10.10 (CVE-2021-33833) - NOTE: 20220203: + check new CVEs if patches can be identified (Beuc) --- debian-archive-keyring NOTE: https://lists.debian.org/debian-lts/2021/08/msg00037.html NOTE: 20210920: Raphael answered. will backport today. (utkarsh) -- cgit v1.2.3