[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Feb 7 12:54:41 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5790e7d1 by Moritz Muehlenhoff at 2023-02-07T13:54:27+01:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -7620,6 +7620,7 @@ CVE-2023-22800
CVE-2023-22799
RESERVED
- ruby-globalid <unfixed> (bug #1029851)
+ [bullseye] - ruby-globalid <no-dsa> (Minor issue)
NOTE: https://discuss.rubyonrails.org/t/cve-2023-22799-possible-redos-based-dos-vulnerability-in-globalid/82127
NOTE: https://github.com/rails/globalid/commit/3bc4349422e60f2235876a59dd415e98b072eb2b (v1.1.0)
CVE-2023-22798
@@ -15551,11 +15552,13 @@ CVE-2022-46491 (A Cross-Site Request Forgery (CSRF) vulnerability in the Add Adm
NOT-FOR-US: nbnbk
CVE-2022-46490 (GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contai ...)
- gpac <unfixed>
+ [bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2327
NOTE: https://github.com/gpac/gpac/commit/8968a510250e8c70a611221d63fe0a45b7d3a551 (v2.2.0)
CVE-2022-46489 (GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contai ...)
- gpac <unfixed>
+ [bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2328
NOTE: https://github.com/gpac/gpac/commit/44e8616ec6d0c37498cdacb81375b09249fa9daa (v2.2.0)
=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ frr
--
haproxy (carnil)
--
+imagemagick (jmm)
+--
jupyter-core
Maintainer asked for availability to prepare updates
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5790e7d1be5c9ef84935d7ef5bb8e86633caa37b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5790e7d1be5c9ef84935d7ef5bb8e86633caa37b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230207/a48c12aa/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list