diff options
author | Moritz Mühlenhoff <jmm@debian.org> | 2024-03-31 21:29:55 +0200 |
---|---|---|
committer | Moritz Mühlenhoff <jmm@debian.org> | 2024-03-31 21:31:41 +0200 |
commit | a39713a408d16f6f246957b1465d244055ea5aa5 (patch) | |
tree | 76daff207bf7e21b789c928cfa5855e168f3a610 | |
parent | 7a69820dd6c525f7f1521c8d80ef0bc3c75a1cb7 (diff) |
bookworm/bullseye triage
-rw-r--r-- | data/CVE/list | 14 | ||||
-rw-r--r-- | data/dsa-needed.txt | 3 |
2 files changed, 10 insertions, 7 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4a88e22ad9..40da70015d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1322,9 +1322,10 @@ CVE-2023-47846 (Unrestricted Upload of File with Dangerous Type vulnerability in CVE-2023-47842 (Unrestricted Upload of File with Dangerous Type vulnerability in Zacha ...) NOT-FOR-US: WordPress plugin CVE-2023-46052 (Sane 1.2.1 heap bounds overwrite in init_options() from backend/test.c ...) - - sane-backends <unfixed> + - sane-backends <unfixed> (unimportant) NOTE: https://gitlab.com/sane-project/backends/-/issues/709 NOTE: https://gitlab.com/sane-project/backends/-/commit/a92ffb3d978329c29513b0acb98ae7987ec1bed7 (1.3.0) + NOTE: Negligible security impact CVE-2023-46051 (TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdfte ...) - texlive-bin <unfixed> (unimportant) NOTE: https://tug.org/pipermail/tex-live/2023-August/049406.html @@ -1336,9 +1337,10 @@ CVE-2023-46048 (Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pd NOTE: https://tug.org/pipermail/tex-live/2023-August/049400.html NOTE: Crash in CLI tool, negligible security impact CVE-2023-46047 (An issue in Sane 1.2.1 allows a local attacker to execute arbitrary co ...) - - sane-backends <unfixed> + - sane-backends <unfixed> (unimportant) NOTE: https://gitlab.com/sane-project/backends/-/issues/708 NOTE: https://gitlab.com/sane-project/backends/-/commit/fd7b83c8f7b4da4a9e1fb715d070aa2fd96832ff (1.3.0) + NOTE: Negligible security impact CVE-2023-46046 (An issue in MiniZinc before 2.8.0 allows a NULL pointer dereference vi ...) - minizinc 2.8.2+dfsg1-1 (unimportant) NOTE: https://github.com/MiniZinc/libminizinc/issues/730 @@ -1355,11 +1357,13 @@ CVE-2023-45931 (Mesa 23.0.4 was discovered to contain a NULL pointer dereference NOTE: https://gitlab.freedesktop.org/mesa/mesa/-/issues/9859 NOTE: Disputed and no reasonable security impact proven CVE-2023-45929 (S-Lang 2.3.2 was discovered to contain a segmentation fault via the fu ...) - - slang2 <unfixed> + - slang2 <unfixed> (unimportant) NOTE: http://lists.jedsoft.org/lists/slang-users/2023/0000002.html + NOTE: Negligible security impact CVE-2023-45927 (S-Lang 2.3.2 was discovered to contain an arithmetic exception via the ...) - - slang2 <unfixed> + - slang2 <unfixed> (unimportant) NOTE: http://lists.jedsoft.org/lists/slang-users/2023/0000003.html + NOTE: Negligible security impact CVE-2023-45925 (GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to contain ...) - mc <unfixed> (unimportant) NOTE: https://midnight-commander.org/ticket/4484 @@ -1426,6 +1430,8 @@ CVE-2024-30231 (Unrestricted Upload of File with Dangerous Type vulnerability in NOT-FOR-US: WordPress plugin CVE-2024-2955 (T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 a ...) - wireshark <unfixed> (bug #1068111) + [bookworm] - wireshark <no-dsa> (Minor issue) + [bullseye] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2024-06.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19695 CVE-2024-2951 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Registrat ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index ce8dcf9bb4..fbf2217b3b 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -32,9 +32,6 @@ gtkwave (jmm) -- h2o (jmm) -- -intel-microcode (carnil) - Wailt for exposure in unstable in any case --- jetty9 -- libreswan (jmm) |