[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2024-43407 as postponed for Bullseye

Sun, 25 Aug 2024 15:07:11 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
44f6c1a9 by Thorsten Alteholz at 2024-08-25T23:42:09+02:00
mark CVE-2024-43407 as postponed for Bullseye

- - - - -
c099ac8c by Thorsten Alteholz at 2024-08-25T23:47:55+02:00
add nss

- - - - -
91b05c80 by Thorsten Alteholz at 2024-08-26T00:00:01+02:00
add unbound

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -775,6 +775,7 @@ CVE-2024-43410 (Russh is a Rust SSH client & server 
library. Allocating an untru
        NOT-FOR-US: Russh
 CVE-2024-43407 (CKEditor4 is an open source what-you-see-is-what-you-get HTML 
editor.  ...)
        - ckeditor <unfixed>
+       [bullseye] - ckeditor <postponed> (Minor issue)
        NOTE: 
https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7r32-vfj5-c2jv
        NOTE: Fixed by removing the plugins/codesnippetgeshi/dev directory 
completely.
        NOTE: 
https://github.com/ckeditor/ckeditor4/commit/71072c9f7f263329841bd38e7e5309074c82ef94
 (4.25.0-lts)


=====================================
data/dla-needed.txt
=====================================
@@ -204,6 +204,9 @@ nsis (dleidert)
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: Follow fixes from bookworm 12.6 (CVE-2023-37378) 
(Beuc/front-desk)
 --
+nss
+  NOTE: 20240825: Added by Front-Desk (ta)
+--
 opensc (guilhem)
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: Follow fixes from buster DLA-3463-1 (5 CVEs) and bookworm 
12.4 (2 CVEs) (Beuc/front-desk)
@@ -329,6 +332,9 @@ twisted
   NOTE: 20240807: Added by oldstable Security Team (jmm)
   NOTE: 20240815: A bookworm DSA is planned (Beuc/front-desk)
 --
+unbound
+  NOTE: 20240825: Added by Front-Desk (ta)
+--
 upx-ucl
   NOTE: 20240815: Added by Front-Desk (Beuc)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/435f1f0584824b84bba026f39fc7b69f859d48eb...91b05c809b9cd65655b93e9d3ba1315a1f040b38

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/435f1f0584824b84bba026f39fc7b69f859d48eb...91b05c809b9cd65655b93e9d3ba1315a1f040b38
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to