diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2024-04-13 15:50:10 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2024-04-13 15:50:10 +0200 |
| commit | d0fb508be1bf96b0230bc39ce4794bf70fe1606f (patch) | |
| tree | 0f43c0163da7229a2f1a35fc29e4cf1b9de644da /data | |
| parent | c3832dcd6c1861b6d3273644052bc76c869c585f (diff) | |
bookworm/bullseye triage
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 4 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index 702ce5c7ef..791a8a217e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -165,7 +165,7 @@ CVE-2024-30381 (An Exposure of Sensitive Information to an Unauthorized Actor vu CVE-2024-30210 (IO-1020 Micro ELD uses a default WIFI password that could allow an adj ...) NOT-FOR-US: IO-1020 Micro ELD CVE-2024-2397 (Due to a bug in packet data buffers management, the PPP printer in tcp ...) - - tcpdump <unfixed> + - tcpdump <not-affected> (Vulnerable code not present in any version uploaded to Debian) NOTE: Introduced by: https://github.com/the-tcpdump-group/tcpdump/commit/0d4083ee8687a9f6578e26a1407bd9f2a9d27885 NOTE: Fixed by: https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 CVE-2024-29461 (An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote a ...) @@ -252,6 +252,7 @@ CVE-2023-50307 (IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 thr NOT-FOR-US: IBM CVE-2023-49528 (Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, al ...) - ffmpeg <unfixed> + [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x) [bullseye] - ffmpeg <not-affected> (Vulnerable code not present) [buster] - ffmpeg <not-affected> (Vulnerable code not present) NOTE: https://trac.ffmpeg.org/ticket/10691 @@ -7323,6 +7324,7 @@ CVE-2024-2161 (Use of Hard-coded Credentials in Kiloview NDI allows un-authentic NOT-FOR-US: Kiloview CVE-2024-29864 (Distrobox before 1.7.0.1 allows attackers to execute arbitrary code vi ...) - distrobox 1.7.0.1-1 + [bookworm] - distrobox <no-dsa> (Minor issue) NOTE: https://github.com/89luca89/distrobox/issues/1275 NOTE: Fixed by: https://github.com/89luca89/distrobox/commit/82a69f0a234e73e447d0ea8c8b3443b84fd31944 (1.7.0.1) CVE-2024-29862 (The Kerlink firewall in ChirpStack chirpstack-mqtt-forwarder before 4. ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index e5df911390..00a851d734 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -11,7 +11,7 @@ To pick an issue, simply add your uid behind it. If needed, specify the release by adding a slash after the name of the source package. -apache2 +apache2 (jmm) -- cryptojs -- @@ -49,9 +49,9 @@ opennds/stable -- org-mode -- -php7.4 +php7.4 (jmm) -- -php8.2 +php8.2 (jmm) -- php-cas/oldstable -- @@ -92,6 +92,8 @@ salt/oldstable -- squid -- +trafficserver (jmm) +-- webkit2gtk (berto) -- wpa |