Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a632f0c by Utkarsh Gupta at 2024-05-18T02:08:17+05:30
Mark CVE-2024-29857/bc as postponed for buster
- - - - -
8f8971df by Utkarsh Gupta at 2024-05-18T02:08:19+05:30
Mark CVE-2024-30172/bc as postponed for buster
- - - - -
1bbb0496 by Utkarsh Gupta at 2024-05-18T02:08:21+05:30
Mark CVE-2024-34447/bc as postponed for buster
- - - - -
9d900a5e by Utkarsh Gupta at 2024-05-18T02:08:23+05:30
Mark CVE-2024-372/golang-github-opencontainers-go-digest as postponed for buster
- - - - -
e5ad0e1e by Utkarsh Gupta at 2024-05-18T02:08:24+05:30
Mark CVE-2024-4068/node-braces as postponed for buster
- - - - -
28b62822 by Utkarsh Gupta at 2024-05-18T02:08:26+05:30
Mark CVE-2024-4067/node-micromatch as postponed for buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2051,11 +2051,13 @@ CVE-2024-4068 (The NPM package `braces` fails to limit
the number of characters
- node-braces <unfixed>
[bookworm] - node-braces <no-dsa> (Minor issue)
[bullseye] - node-braces <no-dsa> (Minor issue)
+ [buster] - node-braces <postponed> (Minor issue)
NOTE: https://github.com/micromatch/braces/issues/35
CVE-2024-4067 (The NPM package `micromatch` is vulnerable to Regular
Expression Denia ...)
- node-micromatch <unfixed>
[bookworm] - node-micromatch <no-dsa> (Minor issue)
[bullseye] - node-micromatch <no-dsa> (Minor issue)
+ [buster] - node-micromatch <postponed> (Minor issue)
NOTE: https://github.com/micromatch/micromatch/issues/243
NOTE: https://github.com/micromatch/micromatch/pull/247
CVE-2024-3462 (Ant Media Server Community Edition in a default configuration
is vulne ...)
@@ -2745,6 +2747,7 @@ CVE-2024-3727 (A flaw was found in the
github.com/containers/image library. This
- golang-github-opencontainers-go-digest <unfixed> (bug #1070858)
[bookworm] - golang-github-opencontainers-go-digest <no-dsa> (Minor
issue)
[bullseye] - golang-github-opencontainers-go-digest <no-dsa> (Minor
issue)
+ [buster] - golang-github-opencontainers-go-digest <postponed> (Minor
issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274767
CVE-2024-3722 (The Swift Performance Lite plugin for WordPress is vulnerable
to unaut ...)
NOT-FOR-US: WordPress plugin
@@ -4099,12 +4102,14 @@ CVE-2024-29857 (An issue was discovered in ECCurve.java
and ECCurve.cs in Bouncy
- bouncycastle <unfixed> (bug #1070655)
[bookworm] - bouncycastle <no-dsa> (Minor issue)
[bullseye] - bouncycastle <no-dsa> (Minor issue)
+ [buster] - bouncycastle <postponed> (Minor issue)
NOTE: https://github.com/bcgit/bc-java/issues/1635
NOTE: https://www.bouncycastle.org/latest_releases.html
CVE-2024-30172 (An issue was discovered in Bouncy Castle Java Cryptography
APIs before ...)
- bouncycastle <unfixed> (bug #1070655)
[bookworm] - bouncycastle <no-dsa> (Minor issue)
[bullseye] - bouncycastle <no-dsa> (Minor issue)
+ [buster] - bouncycastle <postponed> (Minor issue)
NOTE: https://github.com/bcgit/bc-java/issues/1599
NOTE: https://www.bouncycastle.org/latest_releases.html
NOTE:
https://github.com/bcgit/bc-java/commit/9c165791b68a204678b48ec11e4e579754c2ea49
(r1rv78v1)
@@ -4437,6 +4442,7 @@ CVE-2024-34447 (An issue was discovered in Bouncy Castle
Java Cryptography APIs
- bouncycastle <unfixed> (bug #1070655)
[bookworm] - bouncycastle <no-dsa> (Minor issue)
[bullseye] - bouncycastle <no-dsa> (Minor issue)
+ [buster] - bouncycastle <postponed> (Minor issue)
NOTE: https://www.bouncycastle.org/latest_releases.html
CVE-2024-34446 (Mullvad VPN through 2024.1 on Android does not set a DNS
server in the ...)
NOT-FOR-US: Mullvad VPN
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/297d11c339e2aa0a4bc925604dd879bd678c9eb6...28b62822162b37fc54c35154ab2105093463bad6
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/297d11c339e2aa0a4bc925604dd879bd678c9eb6...28b62822162b37fc54c35154ab2105093463bad6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
