Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2469797e by Moritz Muehlenhoff at 2024-05-05T20:27:56+02:00 bookworm/bulleye triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -14,6 +14,8 @@ CVE-2024-4491 (A vulnerability classified as critical was found in Tenda i21 1.0 NOT-FOR-US: Tenda CVE-2024-34490 (In Maxima through 5.47.0 before 51704c, the plotting facilities make u ...) - maxima <unfixed> + [bookworm] - maxima <no-dsa> (Minor issue) + [bullseye] - maxima <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/maxima/bugs/3755/ CVE-2024-34489 (OFPHello in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause ...) NOT-FOR-US: Faucet SDN Ryu @@ -318,6 +320,8 @@ CVE-2024-34063 (vodozemac is an implementation of Olm and Megolm in pure Rust. V NOT-FOR-US: vodozemac CVE-2024-34062 (tqdm is an open source progress bar for Python and CLI. Any optional n ...) - tqdm 4.66.4-1 (bug #1070372) + [bookworm] - tqdm <no-dsa> (Minor issue) + [bullseye] - tqdm <no-dsa> (Minor issue) NOTE: https://github.com/tqdm/tqdm/security/advisories/GHSA-g7vv-2v7x-gj9p NOTE: Fixed by: https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721 (v4.66.3) CVE-2024-34061 (changedetection.io is a free open source web page change detection, we ...) @@ -3459,6 +3463,8 @@ CVE-2023-48683 (Sensitive information disclosure and manipulation due to missing NOT-FOR-US: Acronis Cyber Protect Cloud Agent CVE-2023-46565 (Buffer Overflow vulnerability in osrg gobgp commit 419c50dfac578daa4d1 ...) - gobgp <unfixed> (bug #1070393) + [bookworm] - gobgp <no-dsa> (Minor issue) + [bullseye] - gobgp <no-dsa> (Minor issue) NOTE: https://github.com/osrg/gobgp/issues/2725 CVE-2023-46270 (MacPaw The Unarchiver before 4.3.6 contains vulnerability related to m ...) NOT-FOR-US: MacPaw The Unarchiver @@ -7198,6 +7204,8 @@ CVE-2023-3597 (A flaw was found in Keycloak, where it does not correctly validat NOT-FOR-US: Keycloak CVE-2024-31497 (In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation ...) - putty 0.81-1 + [bookworm] - putty <no-dsa> (Minor issue) + [bullseye] - putty <no-dsa> (Minor issue) - filezilla 3.67.0-1 [bookworm] - filezilla <no-dsa> (Minor issue) [bullseye] - filezilla <no-dsa> (Minor issue) @@ -15786,6 +15794,8 @@ CVE-2024-1144 (Improper access control vulnerability in Devklan's Alma Blog that CVE-2024-0450 (An issue was found in the CPython `zipfile` module affecting versions ...) {DLA-3772-1 DLA-3771-1} - pypy3 7.3.16+dfsg-1 + [bookworm] - pypy3 <no-dsa> (Minor issue) + [bullseye] - pypy3 <no-dsa> (Minor issue) - python3.12 3.12.2-1 - python3.11 3.11.8-1 (bug #1070133) [bookworm] - python3.11 <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2469797e622e8a1aa3cca8ebd836120f64aaf860 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2469797e622e8a1aa3cca8ebd836120f64aaf860 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits