[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) Wed, 11 Sep 2024 00:23:03 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
52b60e84 by Moritz Muehlenhoff at 2024-09-11T09:22:10+02:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -919,6 +919,7 @@ CVE-2024-6792 (The WP ULike  WordPress plugin before 
4.7.2.1 does not properly s
        NOT-FOR-US: WordPress plugin
 CVE-2024-45751 (tgt (aka Linux target framework) before 1.0.93 attempts to 
achieve ent ...)
        - tgt <unfixed> (bug #1081158)
+       [bookworm] - tgt <no-dsa> (Minor issue)
        NOTE: https://github.com/fujita/tgt/pull/67
        NOTE: 
https://github.com/fujita/tgt/commit/abd8e0d987ab56013d360077202bf2aca20a42dd 
(v1.0.93)
        NOTE: https://www.openwall.com/lists/oss-security/2024/09/07/2
@@ -1017,6 +1018,7 @@ CVE-2024-45158 (An issue was discovered in Mbed TLS 3.6 
before 3.6.1. A stack bu
        NOTE: 
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-2/
 CVE-2024-45157 (An issue was discovered in Mbed TLS before 2.28.9 and 3.x 
before 3.6.1 ...)
        - mbedtls <unfixed>
+       [bookworm] - mbedtls <no-dsa> (Minor issue)
        NOTE: 
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-1/
 CVE-2024-45107 (Acrobat Reader versions 20.005.30636, 24.002.20964, 
24.001.30123, 24.0 ...)
        NOT-FOR-US: Adobe


=====================================
data/dsa-needed.txt
=====================================
@@ -11,13 +11,15 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source 
package.
 
+--
+activemq
 --
 chromium (dilinger)
 --
 dnsmasq
   Lee Garrett showed interest to prepare an update for review
 --
-expat
+expat (jmm)
   Maintainer proposed debdiffs for review
 --
 frr
@@ -51,10 +53,7 @@ smarty3
 --
 smarty4
 --
-twisted
---
-xen
-  Might not be needed as maintainer did aim to have the version included in 
the upcoming point release
+twisted (jmm)
 --
 zabbix
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52b60e84e7ef13f7193fde87b7842d770e03bec6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52b60e84e7ef13f7193fde87b7842d770e03bec6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bookworm triage

Reply via email to