[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Aug 20 14:05:12 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
78549882 by Moritz Muehlenhoff at 2024-08-20T15:04:20+02:00
bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -939,6 +939,7 @@ CVE-2024-43378 (calamares-nixos-extensions provides Calamares branding and modul
 	TODO: check
 CVE-2024-43370 (gettext.js is a GNU gettext port for node and the browser. There is a  ...)
 	- gettext.js 0.7.0-4 (bug #1078880)
+	[bookworm] - gettext.js <no-dsa> (Minor issue)
 	NOTE: https://github.com/guillaumepotier/gettext.js/security/advisories/GHSA-vwhg-jwr4-vxgg
 	NOTE: Fixed by: https://github.com/guillaumepotier/gettext.js/commit/6e52e0f8fa7d7c8b358e78b613d47ea332b8a56c (2.0.3)
 CVE-2024-43369 (Ibexa RichText Field Type is a Field Type for supporting rich formatte ...)
@@ -1198,6 +1199,7 @@ CVE-2024-43275 (Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts In
 	NOT-FOR-US: Xyzscripts Insert PHP Code Snippet
 CVE-2024-42353 (WebOb provides objects for HTTP requests and responses. When WebOb nor ...)
 	- python-webob <unfixed> (bug #1078879)
+	[bookworm] - python-webob <no-dsa> (Minor issue)
 	NOTE: https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
 	NOTE: Fixed by: https://github.com/Pylons/webob/commit/f689bcf4f0a1f64f1735b1d5069aef5be6974b5b (1.8.8)
 CVE-2024-25024 (IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pa ...)
@@ -2299,6 +2301,7 @@ CVE-2024-7680 (A vulnerability was found in itsourcecode Tailoring Management Sy
 	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2024-5651 (A flaw was found in fence agents that rely on SSH/Telnet. This vulnera ...)
 	- fence-agents <unfixed> (bug #1078970)
+	[bookworm] - fence-agents <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2290540
 CVE-2024-5527 (Zohocorp ManageEngine ADAudit Plus versions below8110 are vulnerable t ...)
 	NOT-FOR-US: Zohocorp ManageEngine ADAudit Plus



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78549882b2fbbfbdce6959c09e09c0be748df7b7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78549882b2fbbfbdce6959c09e09c0be748df7b7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240820/7d3fdbec/attachment.htm>

More information about the debian-security-tracker-commits mailing list