Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
456c2afd by Moritz Muehlenhoff at 2024-09-15T23:28:06+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3022,17 +3022,17 @@ CVE-2024-8108 (The Share This Image plugin for
WordPress is vulnerable to Stored
CVE-2024-7717 (The WP Events Manager plugin for WordPress is vulnerable to
time-based ...)
NOT-FOR-US: WordPress plugin
CVE-2024-0111 (NVIDIA CUDA Toolkit contains a vulnerability in command
'cuobjdump' wh ...)
- - nvidia-cuda-toolkit <unfixed>
+ - nvidia-cuda-toolkit <unfixed> (bug #1081905)
[bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
[bullseye] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5564
CVE-2024-0110 (NVIDIA CUDA Toolkit contains a vulnerability in command
`cuobjdump` wh ...)
- - nvidia-cuda-toolkit <unfixed>
+ - nvidia-cuda-toolkit <unfixed> (bug #1081905)
[bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
[bullseye] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5564
CVE-2024-0109 (NVIDIA CUDA Toolkit contains a vulnerability in command
`cuobjdump` wh ...)
- - nvidia-cuda-toolkit <unfixed>
+ - nvidia-cuda-toolkit <unfixed> (bug #1081905)
[bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
[bullseye] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5564
@@ -3750,7 +3750,7 @@ CVE-2024-44340 (D-Link DIR-846W A1 FW100A43 was
discovered to contain a remote c
NOT-FOR-US: D-Link
CVE-2024-43788 (Webpack is a module bundler. Its main purpose is to bundle
JavaScript ...)
[experimental] - node-webpack 5.94.0+dfsg1+~cs11.18.26-1
- - node-webpack <unfixed>
+ - node-webpack <unfixed> (bug #1081906)
[bookworm] - node-webpack <no-dsa> (Minor issue)
[bullseye] - node-webpack <postponed> (Minor issue; can be fixed in
next update)
NOTE:
https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986
@@ -16908,18 +16908,18 @@ CVE-2024-6501 (A flaw was found in NetworkManager.
When a system running Network
[bullseye] - network-manager <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2295734
CVE-2023-39329 (A flaw was found in OpenJPEG. A resource exhaustion can occur
in the o ...)
- - openjpeg2 <unfixed>
+ - openjpeg2 <unfixed> (bug #1081910)
[bookworm] - openjpeg2 <no-dsa> (Minor issue)
[bullseye] - openjpeg2 <no-dsa> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/issues/1474
CVE-2023-39328 (A vulnerability was found in OpenJPEG similar to
CVE-2019-6988. This f ...)
- - openjpeg2 <unfixed>
+ - openjpeg2 <unfixed> (bug #1081909)
[bookworm] - openjpeg2 <no-dsa> (Minor issue)
[bullseye] - openjpeg2 <no-dsa> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/issues/1471
NOTE: https://github.com/uclouvain/openjpeg/pull/1470
CVE-2023-39327 (A flaw was found in OpenJPEG. Maliciously constructed pictures
can cau ...)
- - openjpeg2 <unfixed>
+ - openjpeg2 <unfixed> (bug #1081908)
[bookworm] - openjpeg2 <no-dsa> (Minor issue)
[bullseye] - openjpeg2 <no-dsa> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/issues/1472
@@ -24002,7 +24002,7 @@ CVE-2023-45188 (IBM Engineering Lifecycle Optimization
Publishing 7.0.2 and 7.03
CVE-2023-34003 (Missing Authorization vulnerability in Woo WooCommerce Box
Office.This ...)
NOT-FOR-US: WordPress plugin
CVE-2024-37535 (GNOME VTE before 0.76.3 allows an attacker to cause a denial
of servic ...)
- - vte <unfixed>
+ - vte <unfixed> (bug #1081907)
[bookworm] - vte <no-dsa> (Minor issue)
[bullseye] - vte <no-dsa> (Minor issue)
[buster] - vte <postponed> (Minor issue)
@@ -37150,7 +37150,7 @@ CVE-2023-51591 (Voltronic Power ViewPower Pro
doDocument XML External Entity Pro
CVE-2023-51590 (Voltronic Power ViewPower Pro UpLoadAction Unrestricted File
Upload Re ...)
NOT-FOR-US: Voltronic Power ViewPower Pro
CVE-2023-51589 (BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds
Read Infor ...)
- - bluez <unfixed>
+ - bluez <unfixed> (bug #1081912)
[bookworm] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[bullseye] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[buster] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
@@ -37172,7 +37172,7 @@ CVE-2023-51582 (Voltronic Power ViewPower
LinuxMonitorConsole Exposed Dangerous
CVE-2023-51581 (Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous
Method R ...)
NOT-FOR-US: Voltronic Power ViewPower
CVE-2023-51580 (BlueZ Audio Profile AVRCP avrcp_parse_attribute_list
Out-Of-Bounds Rea ...)
- - bluez <unfixed>
+ - bluez <unfixed> (bug #1081911)
[bookworm] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[bullseye] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[buster] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/456c2afd0254ea1dfe706707ae275bebb2d6bc5d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/456c2afd0254ea1dfe706707ae275bebb2d6bc5d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
