[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 26 08:45:37 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dbb794a4 by Salvatore Bonaccorso at 2022-04-26T09:45:19+02:00
Process one NFU

- - - - -
116d8852 by Salvatore Bonaccorso at 2022-04-26T09:45:20+02:00
Add CVE-2022-24758/jupyter-notebook

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10167,7 +10167,7 @@ CVE-2022-0762 (Business Logic Errors in GitHub repository microweber/microweber
 CVE-2021-4224
 	RESERVED
 CVE-2022-26111 (The BeanShell components of IRISNext through 9.8.28 allow execution of ...)
-	TODO: check
+	NOT-FOR-US: IRISNext
 CVE-2022-26110 (An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before  ...)
 	{DLA-2984-1}
 	- condor <unfixed> (bug #1008634)
@@ -13806,7 +13806,8 @@ CVE-2022-24760 (Parse Server is an open source http web server backend. In versi
 CVE-2022-24759 (`@chainsafe/libp2p-noise` contains TypeScript implementation of noise  ...)
 	NOT-FOR-US: chainsafe/libp2p-noise
 CVE-2022-24758 (The Jupyter notebook is a web-based notebook environment for interacti ...)
-	TODO: check
+	- jupyter-notebook <unfixed>
+	NOTE: https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55
 CVE-2022-24757 (The Jupyter Server provides the backend (i.e. the core services, APIs, ...)
 	- jupyter-server 1.16.0-1 (bug #1008319)
 	NOTE: https://github.com/jupyter-server/jupyter_server/commit/a5683aca0b0e412672ac6218d09f74d44ca0de5a (v1.15.4)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/208f5f03df584ea9e24b2b020f6fb548880fafff...116d88525bd8f126a3a5f5548542742941f0a6c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/208f5f03df584ea9e24b2b020f6fb548880fafff...116d88525bd8f126a3a5f5548542742941f0a6c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220426/1c39d848/attachment.htm>


More information about the debian-security-tracker-commits mailing list