Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a39713a4 by Moritz Mühlenhoff at 2024-03-31T21:31:41+02:00
bookworm/bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1322,9 +1322,10 @@ CVE-2023-47846 (Unrestricted Upload of File with
Dangerous Type vulnerability in
CVE-2023-47842 (Unrestricted Upload of File with Dangerous Type vulnerability
in Zacha ...)
NOT-FOR-US: WordPress plugin
CVE-2023-46052 (Sane 1.2.1 heap bounds overwrite in init_options() from
backend/test.c ...)
- - sane-backends <unfixed>
+ - sane-backends <unfixed> (unimportant)
NOTE: https://gitlab.com/sane-project/backends/-/issues/709
NOTE:
https://gitlab.com/sane-project/backends/-/commit/a92ffb3d978329c29513b0acb98ae7987ec1bed7
(1.3.0)
+ NOTE: Negligible security impact
CVE-2023-46051 (TeX Live 944e257 allows a NULL pointer dereference in
texk/web2c/pdfte ...)
- texlive-bin <unfixed> (unimportant)
NOTE: https://tug.org/pipermail/tex-live/2023-August/049406.html
@@ -1336,9 +1337,10 @@ CVE-2023-46048 (Tex Live 944e257 has a NULL pointer
dereference in texk/web2c/pd
NOTE: https://tug.org/pipermail/tex-live/2023-August/049400.html
NOTE: Crash in CLI tool, negligible security impact
CVE-2023-46047 (An issue in Sane 1.2.1 allows a local attacker to execute
arbitrary co ...)
- - sane-backends <unfixed>
+ - sane-backends <unfixed> (unimportant)
NOTE: https://gitlab.com/sane-project/backends/-/issues/708
NOTE:
https://gitlab.com/sane-project/backends/-/commit/fd7b83c8f7b4da4a9e1fb715d070aa2fd96832ff
(1.3.0)
+ NOTE: Negligible security impact
CVE-2023-46046 (An issue in MiniZinc before 2.8.0 allows a NULL pointer
dereference vi ...)
- minizinc 2.8.2+dfsg1-1 (unimportant)
NOTE: https://github.com/MiniZinc/libminizinc/issues/730
@@ -1355,11 +1357,13 @@ CVE-2023-45931 (Mesa 23.0.4 was discovered to contain a
NULL pointer dereference
NOTE: https://gitlab.freedesktop.org/mesa/mesa/-/issues/9859
NOTE: Disputed and no reasonable security impact proven
CVE-2023-45929 (S-Lang 2.3.2 was discovered to contain a segmentation fault
via the fu ...)
- - slang2 <unfixed>
+ - slang2 <unfixed> (unimportant)
NOTE: http://lists.jedsoft.org/lists/slang-users/2023/0000002.html
+ NOTE: Negligible security impact
CVE-2023-45927 (S-Lang 2.3.2 was discovered to contain an arithmetic exception
via the ...)
- - slang2 <unfixed>
+ - slang2 <unfixed> (unimportant)
NOTE: http://lists.jedsoft.org/lists/slang-users/2023/0000003.html
+ NOTE: Negligible security impact
CVE-2023-45925 (GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to
contain ...)
- mc <unfixed> (unimportant)
NOTE: https://midnight-commander.org/ticket/4484
@@ -1426,6 +1430,8 @@ CVE-2024-30231 (Unrestricted Upload of File with
Dangerous Type vulnerability in
NOT-FOR-US: WordPress plugin
CVE-2024-2955 (T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to
4.0.13 a ...)
- wireshark <unfixed> (bug #1068111)
+ [bookworm] - wireshark <no-dsa> (Minor issue)
+ [bullseye] - wireshark <no-dsa> (Minor issue)
NOTE: https://www.wireshark.org/security/wnpa-sec-2024-06.html
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19695
CVE-2024-2951 (Cross-Site Request Forgery (CSRF) vulnerability in Metagauss
Registrat ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -32,9 +32,6 @@ gtkwave (jmm)
--
h2o (jmm)
--
-intel-microcode (carnil)
- Wailt for exposure in unstable in any case
---
jetty9
--
libreswan (jmm)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a39713a408d16f6f246957b1465d244055ea5aa5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a39713a408d16f6f246957b1465d244055ea5aa5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
