[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 26 08:45:37 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dbb794a4 by Salvatore Bonaccorso at 2022-04-26T09:45:19+02:00
Process one NFU
- - - - -
116d8852 by Salvatore Bonaccorso at 2022-04-26T09:45:20+02:00
Add CVE-2022-24758/jupyter-notebook
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10167,7 +10167,7 @@ CVE-2022-0762 (Business Logic Errors in GitHub repository microweber/microweber
CVE-2021-4224
RESERVED
CVE-2022-26111 (The BeanShell components of IRISNext through 9.8.28 allow execution of ...)
- TODO: check
+ NOT-FOR-US: IRISNext
CVE-2022-26110 (An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before ...)
{DLA-2984-1}
- condor <unfixed> (bug #1008634)
@@ -13806,7 +13806,8 @@ CVE-2022-24760 (Parse Server is an open source http web server backend. In versi
CVE-2022-24759 (`@chainsafe/libp2p-noise` contains TypeScript implementation of noise ...)
NOT-FOR-US: chainsafe/libp2p-noise
CVE-2022-24758 (The Jupyter notebook is a web-based notebook environment for interacti ...)
- TODO: check
+ - jupyter-notebook <unfixed>
+ NOTE: https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55
CVE-2022-24757 (The Jupyter Server provides the backend (i.e. the core services, APIs, ...)
- jupyter-server 1.16.0-1 (bug #1008319)
NOTE: https://github.com/jupyter-server/jupyter_server/commit/a5683aca0b0e412672ac6218d09f74d44ca0de5a (v1.15.4)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/208f5f03df584ea9e24b2b020f6fb548880fafff...116d88525bd8f126a3a5f5548542742941f0a6c3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/208f5f03df584ea9e24b2b020f6fb548880fafff...116d88525bd8f126a3a5f5548542742941f0a6c3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220426/1c39d848/attachment.htm>
More information about the debian-security-tracker-commits
mailing list