From 14d5917350b96adbe835c90c8f9af6c18292da47 Mon Sep 17 00:00:00 2001 From: Adrian Bunk Date: Tue, 30 Nov 2021 23:32:43 +0000 Subject: Reserve DLA-2835-1 for rsyslog --- data/CVE/2019.list | 2 -- data/DLA/list | 3 +++ data/dla-needed.txt | 2 -- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index ad20c773c5..fcbc14737c 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -10180,13 +10180,11 @@ CVE-2019-17042 (An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconam {DLA-1952-1} - rsyslog 8.1910.0-1 (bug #942065) [buster] - rsyslog (Minor issue, pmcisconames module not loaded by default) - [stretch] - rsyslog (Minor issue, pmcisconames module not loaded by default) NOTE: https://github.com/rsyslog/rsyslog/pull/3883 CVE-2019-17041 (An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfr ...) {DLA-1952-1} - rsyslog 8.1910.0-1 (bug #942067) [buster] - rsyslog (Minor issue, pmaixforwardedfrom module not loaded by default) - [stretch] - rsyslog (Minor issue, pmaixforwardedfrom module not loaded by default) NOTE: https://github.com/rsyslog/rsyslog/pull/3884 CVE-2019-17040 (contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bound ...) - rsyslog 8.1910.0-1 (unimportant) diff --git a/data/DLA/list b/data/DLA/list index ea207a58cb..9b1043650d 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[30 Nov 2021] DLA-2835-1 rsyslog - security update + {CVE-2019-17041 CVE-2019-17042} + [stretch] - rsyslog 8.24.0-1+deb9u1 [30 Nov 2021] DLA-2834-1 uriparser - security update {CVE-2018-20721} [stretch] - uriparser 0.8.4-1+deb9u2 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 2ea6719cdd..2fbb7b0e49 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -84,8 +84,6 @@ puppet -- roundcube (Markus Koschany) -- -rsyslog (Adrian Bunk) --- rustc (Roberto C. Sánchez) NOTE: rust-doc in stretch-lts (and jessie-lts) is not installable NOTE: https://bugs.debian.org/928422 -- cgit v1.2.3