diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2024-02-20 10:34:24 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2024-02-20 10:51:04 +0100 |
| commit | 4f594031caf98a253689a0d3ce5228221070eef2 (patch) | |
| tree | e5b68cdc9a5a30a9ebaab399fc1f683f74c9d8e0 /data | |
| parent | cf007eaed89ebeab41a8bfde52131a4d96be4cd8 (diff) | |
bookworm/bullseye triage
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 9 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 11 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 0441a76bb9..ff2afce0b6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -297,6 +297,8 @@ CVE-2023-50951 (IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak f NOT-FOR-US: IBM CVE-2023-45918 (ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinf ...) - ncurses 6.4+20230625-1 + [bookworm] - ncurses <no-dsa> (Minor issue) + [bullseye] - ncurses <no-dsa> (Minor issue) NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2023-06/msg00005.html NOTE: https://invisible-island.net/ncurses/NEWS.html#index-t20230615 NOTE: Fixed in ncurses-6.4-20230615 patchlevel @@ -363,9 +365,14 @@ CVE-2024-0793 CVE-2024-25580 [QT KTX buffer overflow] [experimental] - qt6-base 6.6.2+dfsg-1 - qt6-base <unfixed> (bug #1064052) + [bookworm] - qt6-base <no-dsa> (Minor issue) - qtbase-opensource-src 5.15.10+dfsg-7 (bug #1064053) + [bookworm] - qtbase-opensource-src <no-dsa> (Minor issue) + [bullseye] - qtbase-opensource-src <no-dsa> (Minor issue) [buster] - qtbase-opensource-src <not-affected> (Vulnerable code not present) - qtbase-opensource-src-gles <unfixed> (bug #1064054) + [bookworm] - qtbase-opensource-src-gles <no-dsa> (Minor issue) + [bullseye] - qtbase-opensource-src-gles <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2264423 NOTE: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=28ecb523ce8490bff38b251b3df703c72e057519 NOTE: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=dec1863c7dc63e5788b0c6c061d36e856a6ae2b2 (v6.6.2) @@ -1530,6 +1537,8 @@ CVE-2024-1454 (The use-after-free vulnerability was found in the AuthentIC drive NOTE: Fixed by: https://github.com/OpenSC/OpenSC/commit/5835f0d4f6c033bd58806d33fa546908d39825c9 CVE-2023-6681 (A vulnerability was found in JWCrypto. This flaw allows an attacker to ...) - python-jwcrypto <unfixed> + [bookworm] - python-jwcrypto <no-dsa> (Minor issue) + [bullseye] - python-jwcrypto <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2260843 CVE-2023-6110 [deleting a non existing access rule deletes another existing access rule in it's scope] - python-openstackclient <unfixed> diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index f9c93b81c4..5abb906940 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -19,6 +19,8 @@ composer (seb) -- cryptojs -- +dav1d +-- dnsdist (jmm) -- frr |