[Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage

Fri, 09 Aug 2024 08:38:06 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5b01e790 by Moritz Muehlenhoff at 2024-08-09T17:37:22+02:00
bookworm/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6067,6 +6067,8 @@ CVE-2024-40110 (Sourcecodester Poultry Farm Management 
System v1.0 contains an U
        NOT-FOR-US: Sourcecodester Poultry Farm Management System
 CVE-2024-39917 (xrdp is an open source RDP server. xrdp versions prior to 
0.10.0 have  ...)
        - xrdp <unfixed> (bug #1076769)
+       [bookworm] - xrdp <no-dsa> (Minor issue)
+       [bullseye] - xrdp <no-dsa> (Minor issue)
        NOTE: 
https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-7w22-h4w7-8j5j
        NOTE: 
https://github.com/neutrinolabs/xrdp/commit/8ac2f6db34649a93d3c9c4fe8fda61203702e615
        NOTE: While claimed in GHSA-7w22-h4w7-8j5j that issue is fixed in 
0.10.0 the referenced
@@ -8762,7 +8764,9 @@ CVE-2024-35227 (Discourse is an open-source discussion 
platform. Prior to versio
        NOT-FOR-US: Discourse
 CVE-2024-34750 (Improper Handling of Exceptional Conditions, Uncontrolled 
Resource Con ...)
        - tomcat10 10.1.25-1
+       [bookworm] - tomcat10 <postponed> (Minor issue, fixed along in next DSA)
        - tomcat9 9.0.70-2
+       [bullseye] - tomcat9 <postponed> (Minor issue, fixed along in next DSA)
        NOTE: https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l
        NOTE: 
https://github.com/apache/tomcat/commit/2afae300c9ac9c0e516e2e9de580847d925365c3
 (10.1.25)
        NOTE: 
https://github.com/apache/tomcat/commit/9fec9a82887853402833a80b584e3762c7423f5f
 (9.0.90)
@@ -156662,7 +156666,7 @@ CVE-2022-2997 (Session Fixation in GitHub repository 
snipe/snipe-it prior to 6.0
 CVE-2022-2996 (A flaw was found in the python-scciclient when making an HTTPS 
connect ...)
        {DLA-3180-1}
        - python-scciclient 0.12.3-2 (bug #1018213)
-       [bullseye] - python-scciclient 0.8.0-2+deb11u1
+       [bullseye] - python-scciclient <no-dsa> (Minor issue)
        NOTE: 
https://opendev.org/x/python-scciclient/commit/274dca0344b65b4ac113d3271d21c17e970a636c
 (0.12)
 CVE-2022-2995 (Incorrect handling of the supplementary groups in the CRI-O 
container  ...)
        - cri-o <itp> (bug #979702)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b01e79086eb94c413a379c73c63b74a6db97d3b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b01e79086eb94c413a379c73c63b74a6db97d3b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to