diff options
| author | Moritz Mühlenhoff <jmm@debian.org> | 2024-03-15 15:30:42 +0100 |
|---|---|---|
| committer | Moritz Mühlenhoff <jmm@debian.org> | 2024-03-15 15:30:42 +0100 |
| commit | 61b65e49392c4f566c674e4da4b8a10227162082 (patch) | |
| tree | 82309e37145e4b50dc152aeeb37819ea71d3ddfa /data | |
| parent | d48452a7cfefddda764e6f5fcb29963b2adb9db9 (diff) | |
bookworm/bullseye triage
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 5 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index ddc96d48ac..c93a9c783b 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -33,6 +33,8 @@ CVE-2024-27756 (An issue in GLPI v.10.0.12 and before allows a remote attacker t NOTE: https://medium.com/%40cristiansindile/formula-injection-in-glpi-cve-2024-27756-3649c7cca092 CVE-2024-26540 (A heap-based buffer overflow in Clmg before 3.3.3 can occur via a craf ...) - cimg <unfixed> + [bookworm] - cimg <no-dsa> (Minor issue) + [bullseye] - cimg <no-dsa> (Minor issue) NOTE: https://github.com/GreycLab/CImg/issues/403 CVE-2024-26503 (Unrestricted File Upload vulnerability in Greek Universities Network O ...) NOT-FOR-US: Greek Universities Network Open eClass @@ -97,6 +99,8 @@ CVE-2024-2437 REJECTED CVE-2024-28849 (follow-redirects is an open source, drop-in replacement for Node's `ht ...) - node-follow-redirects <unfixed> + [bookworm] - node-follow-redirects <no-dsa> (Minor issue) + [bullseye] - node-follow-redirects <no-dsa> (Minor issue) NOTE: https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp NOTE: https://github.com/psf/requests/issues/1885 NOTE: https://github.com/follow-redirects/follow-redirects/commit/c4f847f85176991f95ab9c88af63b1294de8649b (v1.15.6) @@ -1060,6 +1064,7 @@ CVE-2023-28746 (Information exposure through microarchitectural state after tran CVE-2024-2193 [GhostRace: Speculative Race Conditions] - linux <unfixed> - xen <unfixed> + [bookworm] - xen <postponed> (Minor issue, fix along in next DSA) [bullseye] - xen <end-of-life> (EOLed in Bullseye) [buster] - xen <end-of-life> (DSA 4677-1) NOTE: https://www.openwall.com/lists/oss-security/2024/03/12/14 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index e60fa3fa5f..bf5faaf943 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -57,7 +57,7 @@ opennds/stable -- php-cas/oldstable -- -php-dompdf-svg-lib/stable +php-dompdf-svg-lib/stable (jmm) William Desportes is proposing an update needing review (6883e24c-b53d-4dcd-ad27-b944dbd688f3@wdes.fr) -- php-horde-mime-viewer/oldstable |