[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Nov 16 12:04:27 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f01e3f85 by Moritz Muehlenhoff at 2023-11-16T12:44:50+01:00
bullseye/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -28,6 +28,8 @@ CVE-2023-47638
REJECTED
CVE-2023-47471 (Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a ...)
- libde265 <unfixed>
+ [bookworm] - libde265 <no-dsa> (Minor issue)
+ [bullseye] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/426
NOTE: https://github.com/strukturag/libde265/commit/e36b4a1b0bafa53df47514c419d5be3e8916ebc7
CVE-2023-47470 (Buffer Overflow vulnerability in Ffmpeg before github commit 456574705 ...)
@@ -416,7 +418,7 @@ CVE-2023-46096 (A vulnerability has been identified in SIMATIC PCS neo (All vers
CVE-2023-45794 (A vulnerability has been identified in Mendix Applications using Mendi ...)
NOT-FOR-US: Siemens
CVE-2023-45684 (Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. ...)
- - cfengine3 <unfixed>
+ - cfengine3 <not-affected> (Only affects CFEngine Enterprise)
NOTE: https://cfengine.com/blog/2023/cve-2023-45684/
CVE-2023-45585 (An insertion of sensitive information into log file vulnerability [CWE ...)
NOT-FOR-US: FortiGuard
=====================================
data/dsa-needed.txt
=====================================
@@ -14,6 +14,10 @@ If needed, specify the release by adding a slash after the name of the source pa
--
cinder/oldstable
--
+cryptojs
+--
+dnsdist (jmm)
+--
fastdds
Awaiting feedback from maintainer on bullseye status
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f01e3f858260623a2b8e5ef899e6da388c48085d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f01e3f858260623a2b8e5ef899e6da388c48085d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231116/98d71204/attachment.htm>
More information about the debian-security-tracker-commits
mailing list