[Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Aug 14 11:59:27 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59da10a9 by Moritz Muehlenhoff at 2024-08-14T12:58:46+02:00
bookworm/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -386,19 +386,22 @@ CVE-2024-6823 (The Media Library Assistant plugin for WordPress is vulnerable to
 CVE-2024-6724 (The Generate Images  WordPress plugin before 5.2.8 does not sanitise a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-43360 (ZoneMinder is a free, open source closed-circuit television software a ...)
-	- zoneminder <unfixed>
+	- zoneminder <unfixed> (unimportant)
+	NOTE: Only supported for trusted users/behind auth
 	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-9cmr-7437-v9fj
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/677f6a31551f128554f7b0110a52fd76453a657a (1.36.34)
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/bb07118118e23b5670c2c18be8be2cc6b8529397 (1.36.34)
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/a194fe81d34c5eea2ab1dc18dc8df615fca634a6 (1.37.61)
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/de8f387207e9c506e8e8007eda725741a25601c5 (1.37.61)
 CVE-2024-43359 (ZoneMinder is a free, open source closed-circuit television software a ...)
-	- zoneminder <unfixed>
+	- zoneminder <unfixed> (unimportant)
+	NOTE: Only supported for trusted users/behind auth
 	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-pjjm-3qxp-6hj8
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/6cc64dddff6144a98680f65ecf8dc249028431af (1.36.34)
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/b51c5df0cb869ca48fccfc6e6fd7c19bf717ecd2 (1.37.61)
 CVE-2024-43358 (ZoneMinder is a free, open source closed-circuit television software a ...)
-	- zoneminder <unfixed>
+	- zoneminder <unfixed> (unimportant)
+	NOTE: Only supported for trusted users/behind auth
 	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-6rrw-66rf-6g5f
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/062cf568a33fb6a8604ec327b1de8bb2e0d1ff77 (1.36.34)
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/4602cd0470a3b90b18bcc44b3c86d963872d1ba0 (1.37.61)
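Review bot: The three zoneminder entries are downgraded to `(unimportant)` on the strength of one free-text line, `NOTE: Only supported for trusted users/behind auth`, with no pointer to where that support scope is recorded. Consider referencing the source of that statement in the NOTE so the reasoning can be checked later. The truncated CVE descriptions in this hunk also do not show whether each of the three issues actually requires an authenticated user, so it is worth confirming that per CVE rather than applying the same note to all three.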
@@ -9855,6 +9858,8 @@ CVE-2024-6382 (Incorrect handling of certain string inputs may result in MongoDB
 	NOT-FOR-US: MongoDB rust driver
 CVE-2024-6381 (The bson_strfreev function in the MongoDB C driver library may be susc ...)
 	- mongo-c-driver 1.26.2-1
+	[bookworm] - mongo-c-driver <no-dsa> (Minor issue)
+	[bullseye] - mongo-c-driver <no-dsa> (Minor issue)
 	NOTE: https://jira.mongodb.org/browse/CDRIVER-5622
 CVE-2024-6341
 	REJECTED
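Review bot: The `<no-dsa>` lines added for bookworm and bullseye under CVE-2024-6381 give only the generic reason `(Minor issue)`. A more specific reason would make the decision auditable, since the only reference in the entry is the CDRIVER-5622 link and the description is cut off after "may be susc ...".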


=====================================
data/dsa-needed.txt
=====================================
@@ -96,6 +96,10 @@ ruby-tzinfo/oldstable
 --
 setuptools
 --
+smarty3
+--
+smarty4
+--
 squid
 --
 tinyproxy/oldstable
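Review bot: `smarty3` and `smarty4` are added to data/dsa-needed.txt without a suite qualifier, unlike neighbouring entries such as `ruby-tzinfo/oldstable` and `tinyproxy/oldstable`, and nothing in this commit's data/CVE/list hunks shows which CVE triggers them. If each package is only present in one suite, stating the suite on the entry, or naming the CVE in the commit message, would make that clear to whoever picks up the update.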



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59da10a97af219d8e4d0fe2f27ddbf3fbee30dd8
