[Git][security-tracker-team/security-tracker][master] Reserve DLA-4007-1 for python-tornado

Tue, 31 Dec 2024 18:28:03 -0800 


Daniel Leidert pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2d608c40 by Daniel Leidert at 2025-01-01T03:26:33+01:00
Reserve DLA-4007-1 for python-tornado

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -132947,7 +132947,6 @@ CVE-2023-2480 (Missing access permissions checks in 
M-Files Client before 23.5.1
 CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and 
earlier allo ...)
        - python-tornado 6.3.2-1 (bug #1036875)
        [bookworm] - python-tornado <no-dsa> (Minor issue)
-       [bullseye] - python-tornado <no-dsa> (Minor issue)
        [buster] - python-tornado <no-dsa> (Minor issue)
        - salt <removed> (bug #1059297)
        [buster] - salt <end-of-life> (EOL in buster LTS)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Jan 2025] DLA-4007-1 python-tornado - security update
+       {CVE-2023-28370 CVE-2024-52804}
+       [bullseye] - python-tornado 6.1.0-1+deb11u1
 [31 Dec 2024] DLA-4006-1 python-django - security update
        {CVE-2024-53907}
        [bullseye] - python-django 2:2.2.28-1~deb11u3


=====================================
data/dla-needed.txt
=====================================
@@ -137,9 +137,6 @@ python-aiohttp
   NOTE: 20241030: Maybe it makes sense to upload the Bookworm version to 
Bullseye to reduce maintenance and patch both at the same time. (dleidert)
   NOTE: 20241030: Also added autopkgtest test scripts to run test suite. 
(dleidert)
 --
-python-tornado (dleidert)
-  NOTE: 20241130: Added by Front-Desk (ta)
---
 qemu (santiago)
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: Follow fixes from bookworm 12.4 (CVE-2023-5088)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d608c40da3b6591e376098a7dbaed0642012a21

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d608c40da3b6591e376098a7dbaed0642012a21
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to