diff options
author | Markus Koschany <apo@debian.org> | 2022-05-20 22:37:18 +0200 |
---|---|---|
committer | Markus Koschany <apo@debian.org> | 2022-05-20 22:37:18 +0200 |
commit | 04975803dd8671923663f7866f3ed8cfa1c0b9b3 (patch) | |
tree | ca55b1157e53839808ed34e630a605ae1c005bc6 /data | |
parent | 05096d601ed9bfc22df4ae02a0c0e71cb8328938 (diff) |
Reserve DLA-3018-1 for libpgjava
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 3 | ||||
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 3 |
3 files changed, 3 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4003609105..bc95963bee 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -16642,9 +16642,6 @@ CVE-2022-0656 (The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does NOT-FOR-US: WordPress plugin CVE-2022-26520 (** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the ...) - libpgjava 42.3.3-1 - [bullseye] - libpgjava - <no-dsa> (Requires control over connection properties) - [buster] - libpgjava - <no-dsa> (Requires control over connection properties) - [stretch] - libpgjava - <no-dsa> (Requires control over connection properties) NOTE: https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8 NOTE: https://github.com/pgjdbc/pgjdbc/commit/f6d47034a4ce292e1a659fa00963f6f713117064 (REL42.3.3-rc1) CVE-2022-25299 (This affects the package cesanta/mongoose before 7.6. The unsafe handl ...) diff --git a/data/DLA/list b/data/DLA/list index af38dba454..69321d11e2 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[20 May 2022] DLA-3018-1 libpgjava - security update + {CVE-2022-21724} + [stretch] - libpgjava 9.4.1212-1+deb9u1 [20 May 2022] DLA-3017-1 openldap - security update {CVE-2022-29155} [stretch] - openldap 2.4.44+dfsg-5+deb9u9 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 7553307b6f..9ea557891a 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -88,9 +88,6 @@ liblouis NOTE: 20220503: CVE-2022-26981 patch applied in salsa lts-team repo, NOTE: 20220503: Patch not applied upstream yet. -- -libpgjava (Markus Koschany) - NOTE: 20220520: Still running a few tests with r-deps. (apo) --- libvirt (Thorsten Alteholz) NOTE: 20220508: testing package -- |