Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5238d9ea by Thorsten Alteholz at 2025-03-02T13:43:43+01:00
mark CVE-2024-53427 as postponed for Bullseye
- - - - -
596aae94 by Thorsten Alteholz at 2025-03-02T13:47:34+01:00
mark several CVEs of ffmpeg as postponed until fixed upstream
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1270,6 +1270,7 @@ CVE-2024-6810 (The Quiz Organizer plugin for WordPress is
vulnerable to Stored C
NOT-FOR-US: WordPress plugin
CVE-2024-53427 (decNumberCopy in decNumber.c in jq through 1.7.1 does not
properly con ...)
- jq <unfixed>
+ [bullseye] - jq <postponed> (Minor issue, wait until it's fixed
upstream)
NOTE: https://github.com/jqlang/jq/issues/3196
CVE-2024-52925 (In OPSWAT MetaDefender Kiosk before 4.7.0, arbitrary code
execution ca ...)
NOT-FOR-US: OPSWAT MetaDefender Kiosk
@@ -19125,14 +19126,17 @@ CVE-2024-12970 (Improper Neutralization of Special
Elements used in an OS Comman
CVE-2023-6605 (A flaw was found in FFmpeg's DASH playlist support. This
vulnerability ...)
- ffmpeg <unfixed>
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in
the 5.1 branch)
+ [bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334336
CVE-2023-6604 (A flaw was found in FFmpeg. This vulnerability allows
unexpected addit ...)
- ffmpeg <unfixed>
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in
the 5.1 branch)
+ [bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334337
CVE-2023-6601 (A flaw was found in FFmpeg's HLS demuxer. This vulnerability
allows by ...)
- ffmpeg <unfixed>
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in
the 5.1 branch)
+ [bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2253172
CVE-2024-56769 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
{DLA-4076-1 DLA-4075-1}
@@ -20330,10 +20334,12 @@ CVE-2023-48775 (Missing Authorization vulnerability
in Gfazioli WP Cleanfix allo
CVE-2023-6603 (A flaw was found in FFmpeg's HLS playlist parsing. This
vulnerability ...)
- ffmpeg <unfixed>
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in
the 5.1 branch)
+ [bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334335
CVE-2023-6602 (A flaw was found in FFmpeg's TTY Demuxer. This vulnerability
allows po ...)
- ffmpeg <unfixed>
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in
the 5.1 branch)
+ [bullseye] - ffmpeg <postponed> (Minor issue, wait until it's fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2334338
CVE-2024-45497 (A flaw was found in the OpenShift build process, where the
docker-buil ...)
NOT-FOR-US: OpenShift
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ba30300b7853cdc1397d1183fc5c89e9e56e3acc...596aae949684bc829a62ffcac5df1482c2a113d5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ba30300b7853cdc1397d1183fc5c89e9e56e3acc...596aae949684bc829a62ffcac5df1482c2a113d5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
