[Git][security-tracker-team/security-tracker][master] Reserve DLA-3829-1 for sendmail

Sat, 15 Jun 2024 00:33:50 -0700 


Bastien Roucariès pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6a931aa5 by Bastien Roucariès at 2024-06-15T07:33:19+00:00
Reserve DLA-3829-1 for sendmail

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[15 Jun 2024] DLA-3829-1 sendmail - security update
+       {CVE-2023-51765}
+       [buster] - sendmail 8.15.2-14~deb10u2
 [14 Jun 2024] DLA-3828-1 atril - security update
        {CVE-2023-52076}
        [buster] - atril 1.20.3-1+deb10u2


=====================================
data/dla-needed.txt
=====================================
@@ -298,22 +298,6 @@ runc (dleidert)
   NOTE: 20240521: Already started to work on it. Upload will haben until end 
of month. (dleidert)
   NOTE: 20240531: Waiting for ok to upload to bullseye-pu 
<https://bugs.debian.org/1072248> (dleidert)
 --
-sendmail (rouca)
-  NOTE: 20231224: Added by Front-Desk (ta)
-  NOTE: 20240213: Patch need to be extracted (rouca). Upstream does not 
publish patches (CVE-2023-51765)
-  NOTE: 20240217: Patch extracted and being reviewed (rouca)
-  NOTE: 20240310: Dropped from dla-needed.txt (ola/front-desk)
-  NOTE: 20240311: Re-added to dla-needed.txt; while secteam tagged it no-dsa 
in later dists,
-  NOTE: 20240311: I believe we should fix this sponsored package, like postfix 
and exim, in all dists,
-  NOTE: 20240311: please coordinate with the package maintainer to help make 
this happen. (Beuc/front-desk)
-  NOTE: 20240324: some issue coordinate with myself and security team (rouca)
-  NOTE: 20240425: need more time to investigate issue
-  NOTE: 20240430: https://marc.info/?l=oss-security&m=171447187004229&w=2
-  NOTE: 20240506: add possible workarround see #1070190
-  NOTE: 20240514: sid is on the way
-  NOTE: 20240525: sid/testing ok. Bookworm PU
-  NOTE: 20240614: bullseye PU
---
 squid
   NOTE: 20240109: Added by Front-Desk (apo)
   NOTE: 20240109: I ask for another pair of eyes for CVE-2023-5824. The fix



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a931aa54e27136ce65714e718838551d67b11dc

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a931aa54e27136ce65714e718838551d67b11dc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to