[Git][security-tracker-team/security-tracker][master] bullseye LTS triaging - fop, assimp

Sun, 20 Oct 2024 17:53:16 -0700 


Santiago R.R. pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4dce5c0b by Santiago Ruano Rincón at 2024-10-20T21:43:35-03:00
bullseye LTS triaging - fop, assimp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2997,6 +2997,7 @@ CVE-2023-52952 (A vulnerability has been identified in 
HiMed Cockpit 12 pro (J31
 CVE-2024-28168 (Improper Restriction of XML External Entity Reference ('XXE') 
vulnerab ...)
        - fop <unfixed> (bug #1084985)
        [bookworm] - fop <no-dsa> (Minor issue)
+       [bullseye] - fop <postponed> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2024/10/09/1
        NOTE: https://issues.apache.org/jira/browse/FOP-3168
        NOTE: 
https://github.com/apache/xmlgraphics-fop/commit/d96ba9a11710d02716b6f4f6107ebfa9ccec7134
 (2_10)
@@ -5279,6 +5280,7 @@ CVE-2024-47003 (Mattermost versions 9.11.x <= 9.11.0 and 
9.5.x <= 9.5.8 fail to
 CVE-2024-46632 (Assimp v5.4.3 is vulnerable to Buffer Overflow via the 
MD5Importer::Lo ...)
        - assimp <unfixed> (bug #1082857)
        [bookworm] - assimp <no-dsa> (Minor issue)
+       [bullseye] - assimp <postponed> (Minor issue)
        NOTE: https://github.com/assimp/assimp/issues/5771
 CVE-2024-46627 (Incorrect access control in BECN DATAGERRY v2.2 allows 
attackers to ex ...)
        NOT-FOR-US: BECN DATAGERRY



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4dce5c0b9f97cabb5e4bab1c8b8da153b6661b03

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4dce5c0b9f97cabb5e4bab1c8b8da153b6661b03
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to