[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Nov 16 20:28:35 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1acf5ec2 by Moritz Muehlenhoff at 2023-11-16T21:27:57+01:00
bullseye/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2192,6 +2192,8 @@ CVE-2023-5707 (The SEO Slider plugin for WordPress is vulnerable to Stored Cross
NOT-FOR-US: WordPress plugin
CVE-2023-5088 (A bug in QEMU could cause a guest I/O operation otherwise addressed to ...)
- qemu 1:8.1.1+ds-2
+ [bookworm] - qemu <no-dsa> (Minor issue)
+ [bullseye] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2247283
NOTE: https://lore.kernel.org/all/20230921160712.99521-1-simon.rowe@nutanix.com/T/
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2023-09/msg01011.html
@@ -28708,9 +28710,13 @@ CVE-2023-2089 (A vulnerability was found in SourceCodester Complaint Management
NOT-FOR-US: SourceCodester Complaint Management System
CVE-2023-2088 (A flaw was found in OpenStack due to an inconsistency between Cinder a ...)
- cinder 2:21.1.0-3 (bug #1035961)
+ [bullseye] - cinder <no-dsa> (Minor issue)
- python-glance-store 4.1.0-4 (bug #1035962; bug #1035978)
+ [bullseye] - python-glance-store <no-dsa> (Minor issue)
- nova 2:26.1.0-4 (bug #1035963; bug #1035981)
+ [bullseye] - nova <no-dsa> (Minor issue)
- python-os-brick 4.1.0-3 (bug #1035932)
+ [bullseye] - python-os-brick <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2023/05/10/5
NOTE: https://bugs.launchpad.net/nova/+bug/2004555
CVE-2023-2087 (The Essential Blocks plugin for WordPress is vulnerable to Cross-Site ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -11,8 +11,6 @@ To pick an issue, simply add your uid behind it.
If needed, specify the release by adding a slash after the name of the source package.
---
-cinder/oldstable
--
cryptojs
--
@@ -23,7 +21,7 @@ fastdds
--
gimp (carnil)
--
-gpac/oldstable (jmm)
+gpac/oldstable
--
gst-plugins-bad1.0 (carnil)
--
@@ -47,8 +45,6 @@ nghttp2
nodejs
maintainer proposed to follow the upstream 18.x LTS branch
--
-nova/oldstable
---
php-cas/oldstable
--
php-horde-mime-viewer/oldstable
@@ -63,10 +59,6 @@ python3.11/stable
--
python3.9/oldstable
--
-python-glance-store/oldstable
---
-python-os-brick/oldstable
---
redmine/stable
--
ring
@@ -96,7 +88,7 @@ squid
--
tiff (aron)
--
-tor
+tor (jmm)
--
webkit2gtk (berto)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1acf5ec2fd721052131499f888e5501c18634f1c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1acf5ec2fd721052131499f888e5501c18634f1c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231116/7feb8fd3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list