[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-XXXX/snort: bullseye end-of-life, package was removed in 11.10

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Tue Aug 6 21:56:18 BST 2024 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2dbf6a31 by Sylvain Beucler at 2024-08-06T22:55:52+02:00
CVE-2022-XXXX/snort: bullseye end-of-life, package was removed in 11.10

- - - - -
94df7ddc by Sylvain Beucler at 2024-08-06T22:55:53+02:00
salt: bullseye end-of-life, package was removed in 11.10

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9415,9 +9415,11 @@ CVE-2024-23765 (An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devic
 	NOT-FOR-US: HMS Anybus X-Gateway AB7832-F
 CVE-2024-22232 (A specially crafted url can be created which leads to a directory trav ...)
 	- salt <removed>
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 CVE-2024-22231 (Syndic cache directory creation is vulnerable to a directory traversal ...)
 	- salt <removed>
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 CVE-2024-1839 (Intrado 911 Emergency Gateway login form is vulnerable to an unauthent ...)
 	NOT-FOR-US: Intrado 911 Emergency Gateway
@@ -72344,6 +72346,7 @@ CVE-2015-20110 (JHipster generator-jhipster before 2.23.0 allows a timing attack
 	NOT-FOR-US: JHipster generator-jhipster
 CVE-2023-34049 [allows an attacker to force Salt-SSH to run their script]
 	- salt <removed> (bug #1055179)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security-announcements/2023-10-27-advisory/index.html
 CVE-2023-5844 (Unverified Password Change in GitHub repository pimcore/admin-ui-class ...)
@@ -94735,6 +94738,7 @@ CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and earlie
 	[bullseye] - python-tornado <no-dsa> (Minor issue)
 	[buster] - python-tornado <no-dsa> (Minor issue)
 	- salt <removed> (bug #1059297)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f (v6.3.2)
 CVE-2023-27529 (Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an ...)
@@ -138368,10 +138372,12 @@ CVE-2023-20899 (VMware SD-WAN (Edge) contains a bypass authentication vulnerabil
 	NOT-FOR-US: VMware
 CVE-2023-20898 (Git Providers can read from the wrong environment because they get the ...)
 	- salt <removed> (bug #1051504)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security-announcements/2023-08-10-advisory/
 CVE-2023-20897 (Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. ...)
 	- salt <removed> (bug #1051504)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security-announcements/2023-08-10-advisory/
 	NOTE: https://github.com/saltstack/salt/issues/64061
@@ -182393,6 +182399,7 @@ CVE-2022-1390 (The Admin Word Count Column WordPress plugin through 2.2 does not
 	NOT-FOR-US: WordPress plugin
 CVE-2022-XXXX [snort privilege escalation due to insecure use of logrotate]
 	- snort <unfixed> (bug #1009820)
+	[bullseye] - snort <end-of-life> (EOL in bullseye)
 	[buster] - snort <no-dsa> (Minor issue)
 	[stretch] - snort <no-dsa> (Minor issue)
 CVE-2022-29502 (SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control tha ...)
@@ -203048,6 +203055,7 @@ CVE-2022-22968 (In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and
 	NOTE: Only supported for building applications shipped in Debian, see README.Debian.security
 CVE-2022-22967 (An issue was discovered in SaltStack Salt in versions before 3002.9, 3 ...)
 	- salt <removed> (bug #1013872)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security_announcements/salt-security-advisory-release-june-21st-2022/
 	NOTE: Fixed by: https://github.com/saltstack/salt/commit/e068a34ccb2e17ae7224f8016a24b727f726d4c8 (v3004.2)
@@ -203115,6 +203123,7 @@ CVE-2022-22942 (The vmwgfx driver contains a local privilege escalation vulnerab
 	NOTE: https://github.com/opensrcsec/same_type_object_reuse_exploits/blob/main/cve-2022-22942.c
 CVE-2022-22941 (An issue was discovered in SaltStack Salt in versions before 3002.8, 3 ...)
 	- salt 3004.1+dfsg-1 (bug #1008945)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security_announcements/salt-security-advisory-release/
 CVE-2022-22940
@@ -203127,14 +203136,17 @@ CVE-2022-22937
 	RESERVED
 CVE-2022-22936 (An issue was discovered in SaltStack Salt in versions before 3002.8, 3 ...)
 	- salt 3004.1+dfsg-1 (bug #1008945)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security_announcements/salt-security-advisory-release/
 CVE-2022-22935 (An issue was discovered in SaltStack Salt in versions before 3002.8, 3 ...)
 	- salt 3004.1+dfsg-1 (bug #1008945)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security_announcements/salt-security-advisory-release/
 CVE-2022-22934 (An issue was discovered in SaltStack Salt in versions before 3002.8, 3 ...)
 	- salt 3004.1+dfsg-1 (bug #1008945)
+	[bullseye] - salt <end-of-life> (EOL in bullseye)
 	[buster] - salt <end-of-life> (EOL in buster LTS)
 	NOTE: https://saltproject.io/security_announcements/salt-security-advisory-release/
 CVE-2022-22933



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0f3baa0e478d28ec07616dfa925f86e3324789d6...94df7ddca336cc27e3a4958a0e6ff1847adad55d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0f3baa0e478d28ec07616dfa925f86e3324789d6...94df7ddca336cc27e3a4958a0e6ff1847adad55d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240806/3421f08c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list