Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2469797e by Moritz Muehlenhoff at 2024-05-05T20:27:56+02:00
bookworm/bulleye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,6 +14,8 @@ CVE-2024-4491 (A vulnerability classified as critical was
found in Tenda i21 1.0
NOT-FOR-US: Tenda
CVE-2024-34490 (In Maxima through 5.47.0 before 51704c, the plotting
facilities make u ...)
- maxima <unfixed>
+ [bookworm] - maxima <no-dsa> (Minor issue)
+ [bullseye] - maxima <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/maxima/bugs/3755/
CVE-2024-34489 (OFPHello in parser.py in Faucet SDN Ryu 4.34 allows attackers
to cause ...)
NOT-FOR-US: Faucet SDN Ryu
@@ -318,6 +320,8 @@ CVE-2024-34063 (vodozemac is an implementation of Olm and
Megolm in pure Rust. V
NOT-FOR-US: vodozemac
CVE-2024-34062 (tqdm is an open source progress bar for Python and CLI. Any
optional n ...)
- tqdm 4.66.4-1 (bug #1070372)
+ [bookworm] - tqdm <no-dsa> (Minor issue)
+ [bullseye] - tqdm <no-dsa> (Minor issue)
NOTE:
https://github.com/tqdm/tqdm/security/advisories/GHSA-g7vv-2v7x-gj9p
NOTE: Fixed by:
https://github.com/tqdm/tqdm/commit/b53348c73080b4edeb30b4823d1fa0d8d2c06721
(v4.66.3)
CVE-2024-34061 (changedetection.io is a free open source web page change
detection, we ...)
@@ -3459,6 +3463,8 @@ CVE-2023-48683 (Sensitive information disclosure and
manipulation due to missing
NOT-FOR-US: Acronis Cyber Protect Cloud Agent
CVE-2023-46565 (Buffer Overflow vulnerability in osrg gobgp commit
419c50dfac578daa4d1 ...)
- gobgp <unfixed> (bug #1070393)
+ [bookworm] - gobgp <no-dsa> (Minor issue)
+ [bullseye] - gobgp <no-dsa> (Minor issue)
NOTE: https://github.com/osrg/gobgp/issues/2725
CVE-2023-46270 (MacPaw The Unarchiver before 4.3.6 contains vulnerability
related to m ...)
NOT-FOR-US: MacPaw The Unarchiver
@@ -7198,6 +7204,8 @@ CVE-2023-3597 (A flaw was found in Keycloak, where it
does not correctly validat
NOT-FOR-US: Keycloak
CVE-2024-31497 (In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce
generation ...)
- putty 0.81-1
+ [bookworm] - putty <no-dsa> (Minor issue)
+ [bullseye] - putty <no-dsa> (Minor issue)
- filezilla 3.67.0-1
[bookworm] - filezilla <no-dsa> (Minor issue)
[bullseye] - filezilla <no-dsa> (Minor issue)
@@ -15786,6 +15794,8 @@ CVE-2024-1144 (Improper access control vulnerability in
Devklan's Alma Blog that
CVE-2024-0450 (An issue was found in the CPython `zipfile` module affecting
versions ...)
{DLA-3772-1 DLA-3771-1}
- pypy3 7.3.16+dfsg-1
+ [bookworm] - pypy3 <no-dsa> (Minor issue)
+ [bullseye] - pypy3 <no-dsa> (Minor issue)
- python3.12 3.12.2-1
- python3.11 3.11.8-1 (bug #1070133)
[bookworm] - python3.11 <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2469797e622e8a1aa3cca8ebd836120f64aaf860
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2469797e622e8a1aa3cca8ebd836120f64aaf860
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
