Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b690b335 by Moritz Muehlenhoff at 2023-12-12T16:48:39+01:00
bullseye/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -262,6 +262,8 @@ CVE-2023-6356 [NULL pointer dereference in
nvmet_tcp_build_iovec]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2254054
CVE-2023-39804 [Incorrectly handled extension attributes in PAX archives can
lead to a crash]
- tar <unfixed> (bug #1058079)
+ [bookworm] - tar <no-dsa> (Minor issue)
+ [bullseye] - tar <no-dsa> (Minor issue)
NOTE: Fixed by:
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
(v1.35)
CVE-2023-6679 (A null pointer dereference vulnerability was found in
dpll_pin_parent_ ...)
- linux <not-affected> (Vulnerable code not present)
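Review bot: The two added tar lines for CVE-2023-39804 give only the generic reason "(Minor issue)", so the basis for skipping a DSA is not recorded in the entry. The entry title limits the impact to a crash on PAX archives with extension attributes; putting that in the reason, for example "(Minor issue, crash only)", would let a later reader see why both suites were triaged as no-dsa. Since unstable is still `<unfixed>` (bug #1058079) and the upstream fix is noted as v1.35, it is also worth confirming that the referenced commit applies to the older tar versions in bookworm and bullseye before a point-release update is planned.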
@@ -2480,7 +2482,9 @@ CVE-2023-34055 (In Spring Boot versions 2.7.0 - 2.7.17,
3.0.0-3.0.12 and 3.1.0-3
NOT-FOR-US: Spring Boot
CVE-2023-46589 (Improper Input Validation vulnerability in Apache
Tomcat.Tomcat from 1 ...)
- tomcat10 10.1.16-1 (bug #1057082)
+ [bookworm] - tomcat10 <postponed> (Minor issue, fix along in next DSA)
- tomcat9 9.0.70-2
+ [bullseye] - tomcat9 <postponed> (Minor issue, fix along in next DSA)
- tomcat8 <removed>
NOTE: https://www.openwall.com/lists/oss-security/2023/11/28/2
NOTE:
https://github.com/apache/tomcat/commit/b5776d769bffeade865061bc8ecbeb2b56167b08
(10.1.16)
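Review bot: The added `<postponed>` lines for CVE-2023-46589 cover tomcat10 only in bookworm and tomcat9 only in bullseye, so any other suite/package combination is left without a triage state. If bookworm also carries tomcat9 at a version below 9.0.70-2, it needs its own `[bookworm] - tomcat9 ...` line under `- tomcat9 9.0.70-2`. The only fix reference in the visible context is the 10.1.16 commit; a NOTE pointing at the corresponding 9.0.x commit would help whoever folds the bullseye fix into the next DSA.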
@@ -15728,6 +15732,8 @@ CVE-2023-39514 (Cacti is an open source operational
monitoring and fault managem
NOTE: Introduced by:
https://github.com/Cacti/cacti/commit/75c147b70493d188ad85313569f86e33e13988b2
(release/1.2.17)
CVE-2023-39513 (Cacti is an open source operational monitoring and fault
management fr ...)
- cacti 1.2.25+ds1-1
+ [bookworm] - cacti <no-dsa> (Minor issue)
+ [bullseye] - cacti <no-dsa> (Minor issue)
NOTE:
https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2
NOTE: Initial fix:
https://github.com/Cacti/cacti/commit/976f44dd8dfb2410e0dba00de9c4bbca17ee8910
(release/1.2.25)
NOTE: Final fix:
https://github.com/Cacti/cacti/commit/23abb0e0a9729bd056b56f4fb5a6fc8e7ebda523
(release/1.2.25)
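Review bot: The `<no-dsa>` lines for cacti under CVE-2023-39513 mark both bookworm and bullseye as affected, but the visible lines do not record which release introduced the vulnerable code. The neighbouring CVE-2023-39514 entry carries an "Introduced by:" note (release/1.2.17); an equivalent note here, or a confirmation that the bullseye version contains the affected code, would justify the bullseye line. The entry lists both an "Initial fix" and a "Final fix" commit, so any later stable update needs both backported together.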
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b690b335635f0f7a62c96ceca6f210c61812bb39