Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e17e5e2a by Moritz Muehlenhoff at 2024-11-25T10:52:49+01:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,6 @@
 CVE-2024-53901 (The Imager package before 1.025 for Perl has a heap-based 
buffer overf ...)
        - libimager-perl 1.025+dfsg-1
+       [bookworm] - libimager-perl <no-dsa> (Minor issue)
        NOTE: https://github.com/tonycoz/imager/issues/534
        NOTE: 
https://github.com/tonycoz/imager/commit/7851737838aa86113b276aea02729cc1f6e9eed0
 (v1.025)
        NOTE: https://github.com/briandfoy/cpan-security-advisory/issues/167
@@ -1076,9 +1077,11 @@ CVE-2024-52765 (H3C GR-1800AX MiniGRW1B0V100R007 is 
vulnerable to remote code ex
        NOT-FOR-US: H3C GR-1800AX MiniGRW1B0V100R007
 CVE-2024-52763 (A cross-site scripting (XSS) vulnerability in the component 
/graph_all ...)
        - ganglia-web <unfixed>
+       [bookworm] - ganglia-web <postponed> (Minor issue, revisit when fixed 
upstream)
        NOTE: https://github.com/ganglia/ganglia-web/issues/382
 CVE-2024-52762 (A cross-site scripting (XSS) vulnerability in the component 
/master/he ...)
        - ganglia-web <unfixed>
+       [bookworm] - ganglia-web <postponed> (Minor issue, revisit when fixed 
upstream)
        NOTE: https://github.com/ganglia/ganglia-web/issues/382
 CVE-2024-52757 (D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer 
overflow ...)
        NOT-FOR-US: D-LINK


=====================================
data/dsa-needed.txt
=====================================
@@ -27,13 +27,15 @@ linux (carnil)
 opennds
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --
-php8.2
+php8.2 (jmm)
 --
 python-aiohttp (jmm)
 --
+python-tornado
+--
 ring
 --
-smarty3
+smarty3 (jmm)
   Tobias Frost posted a debdiff for review addressing CVE-2023-28447 and 
CVE-2024-35226
 --
 smarty4



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e17e5e2abbab32e25994ab5be3f247f30029830c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e17e5e2abbab32e25994ab5be3f247f30029830c
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to