[Git][security-tracker-team/security-tracker][master] salt removed from unstable

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b455aaed by Moritz Muehlenhoff at 2024-04-23T21:08:10+02:00
salt removed from unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39677,7 +39677,7 @@ CVE-2019-25155 (DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks
 CVE-2015-20110 (JHipster generator-jhipster before 2.23.0 allows a timing attack again ...)
 	NOT-FOR-US: JHipster generator-jhipster
 CVE-2023-34049 [allows an attacker to force Salt-SSH to run their script]
-	- salt <unfixed> (bug #1055179)
+	- salt <removed> (bug #1055179)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security-announcements/2023-10-27-advisory/index.html
 CVE-2023-5844 (Unverified Password Change in GitHub repository pimcore/admin-ui-class ...)
@@ -62051,7 +62051,7 @@ CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and earlie
 	[bookworm] - python-tornado <no-dsa> (Minor issue)
 	[bullseye] - python-tornado <no-dsa> (Minor issue)
 	[buster] - python-tornado <no-dsa> (Minor issue)
-	- salt <unfixed> (bug #1059297)
+	- salt <removed> (bug #1059297)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f (v6.3.2)
 CVE-2023-27529 (Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an ...)
@@ -105648,11 +105648,11 @@ CVE-2023-20900 (A malicious actor that has been granted  Guest Operation Privile
 CVE-2023-20899 (VMware SD-WAN (Edge) contains a bypass authentication vulnerability. A ...)
 	NOT-FOR-US: VMware
 CVE-2023-20898 (Git Providers can read from the wrong environment because they get the ...)
-	- salt <unfixed> (bug #1051504)
+	- salt <removed> (bug #1051504)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security-announcements/2023-08-10-advisory/
 CVE-2023-20897 (Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. ...)
-	- salt <unfixed> (bug #1051504)
+	- salt <removed> (bug #1051504)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security-announcements/2023-08-10-advisory/
 	NOTE: https://github.com/saltstack/salt/issues/64061
@@ -170263,7 +170263,7 @@ CVE-2022-22968 (In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and
 	NOTE: https://tanzu.vmware.com/security/cve-2022-22968
 	NOTE: Only supported for building applications shipped in Debian, see README.Debian.security
 CVE-2022-22967 (An issue was discovered in SaltStack Salt in versions before 3002.9, 3 ...)
-	- salt <unfixed> (bug #1013872)
+	- salt <removed> (bug #1013872)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/
 	NOTE: Fixed by: https://github.com/saltstack/salt/commit/e068a34ccb2e17ae7224f8016a24b727f726d4c8 (v3004.2)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b455aaedf7f58353495d8c6904cdaf3f149f2f08

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b455aaedf7f58353495d8c6904cdaf3f149f2f08
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240423/56ba04fd/attachment.htm>