bullseye triage

Moritz Muehlenhoff (@jmm) Wed, 15 May 2024 04:38:18 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4787f35a by Moritz Muehlenhoff at 2024-05-15T13:32:17+02:00
bookworm/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -821,10 +821,11 @@ CVE-2024-34697 (FreeScout is a free, self-hosted help 
desk and shared mailbox. A
 CVE-2024-34555 (Unrestricted Upload of File with Dangerous Type vulnerability 
in URBAN ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-34459 (An issue was discovered in xmllint (from libxml2) before 
2.11.8 and 2. ...)
-       - libxml2 <unfixed> (bug #1071162)
+       - libxml2 <unfixed> (unimportant; bug #1071162)
        NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/720
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/8ddc7f13337c9fe7c6b6e616f404b0fffb8a5145
 (v2.11.8)
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac5392a4e891b81e40e592c3ac6cb46016ce
 (v2.12.7)
+       NOTE: Crash in CLI tool, no security impact
 CVE-2024-34440 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Jordy ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-34416 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Pk Fa ...)
@@ -1434,6 +1435,8 @@ CVE-2024-3806 (The Porto theme for WordPress is 
vulnerable to Local File Inclusi
        NOT-FOR-US: WordPress theme
 CVE-2024-3727 (A flaw was found in the github.com/containers/image library. 
This flaw ...)
        - golang-github-opencontainers-go-digest <unfixed> (bug #1070858)
+       [bookworm] - golang-github-opencontainers-go-digest <no-dsa> (Minor 
issue)
+       [bullseye] - golang-github-opencontainers-go-digest <no-dsa> (Minor 
issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274767
 CVE-2024-3722 (The Swift Performance Lite plugin for WordPress is vulnerable 
to unaut ...)
        NOT-FOR-US: WordPress plugin
@@ -3828,7 +3831,11 @@ CVE-2023-44430 (Bentley View SKP File Parsing 
Use-After-Free Remote Code Executi
        NOT-FOR-US: Bentley
 CVE-2023-44428 (MuseScore CAP File Parsing Heap-based Buffer Overflow Remote 
Code Exec ...)
        - musescore2 <unfixed>
+       [bookworm] - musescore2 <no-dsa> (Minor issue)
+       [bullseye] - musescore2 <no-dsa> (Minor issue)
        - musescore3 <unfixed> (bug #1070860)
+       [bookworm] - musescore3 <no-dsa> (Minor issue)
+       [bullseye] - musescore3 <no-dsa> (Minor issue)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1526/
 CVE-2023-44427 (D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command 
Injecti ...)
        NOT-FOR-US: D-Link



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4787f35af1bfe5dd00a2f84dca237a6412d21e3b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4787f35af1bfe5dd00a2f84dca237a6412d21e3b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage

Reply via email to