[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2024-39684 and CVE-2024-38517 as postponed for Bullseye
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sun Aug 25 16:37:59 BST 2024
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e7d65ef2 by Thorsten Alteholz at 2024-08-25T17:34:40+02:00
mark CVE-2024-39684 and CVE-2024-38517 as postponed for Bullseye
- - - - -
da038071 by Thorsten Alteholz at 2024-08-25T17:36:10+02:00
mark CVE-2024-43380 as postponed for Bullseye
- - - - -
fdfebced by Thorsten Alteholz at 2024-08-25T17:37:16+02:00
mark CVE-2023-35934 as postponed for Bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1533,6 +1533,7 @@ CVE-2024-43399 (Mobile Security Framework (MobSF) is a pen-testing, malware anal
CVE-2024-43380 (fugit contains time tools for flor and the floraison group. The fugit ...)
- ruby-fugit <unfixed>
[bookworm] - ruby-fugit <no-dsa> (Minor issue)
+ [bullseye] - ruby-fugit <postponed> (Minor issue)
NOTE: https://github.com/floraison/fugit/security/advisories/GHSA-2m96-52r3-2f3g
NOTE: https://github.com/floraison/fugit/issues/104
NOTE: https://github.com/floraison/fugit/commit/6a7527497c0bb9196efe503e3d9b5271128a8ee1 (v1.11.1)
@@ -11659,6 +11660,7 @@ CVE-2024-39697 (phonenumber is a library for parsing, formatting and validating
CVE-2024-39684 (Tencent RapidJSON is vulnerable to privilege escalation due to an inte ...)
- rapidjson <unfixed>
[bookworm] - rapidjson <no-dsa> (Minor issue)
+ [bullseye] - rapidjson <postponed> (Minor issue)
NOTE: https://github.com/Tencent/rapidjson/issues/2289
CVE-2024-39675 (A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < ...)
NOT-FOR-US: Siemens
@@ -11689,6 +11691,7 @@ CVE-2024-38867 (A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300)
CVE-2024-38517 (Tencent RapidJSON is vulnerable to privilege escalation due to an inte ...)
- rapidjson <unfixed>
[bookworm] - rapidjson <no-dsa> (Minor issue)
+ [bullseye] - rapidjson <postponed> (Minor issue)
NOTE: https://github.com/Tencent/rapidjson/pull/1261
CVE-2024-38363 (Airbyte is a data integration platform for ELT pipelines. Airbyte conn ...)
NOT-FOR-US: Airbyte
@@ -95073,6 +95076,7 @@ CVE-2023-35934 (yt-dlp is a command-line program to download videos from video s
[bullseye] - yt-dlp <no-dsa> (Minor issue)
- youtube-dl <removed> (bug #1079502)
[bookworm] - youtube-dl <no-dsa> (Minor issue)
+ [bullseye] - youtube-dl <postponed> (Minor issue)
NOTE: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj
NOTE: https://github.com/yt-dlp/yt-dlp/commit/1ceb657bdd254ad961489e5060f2ccc7d556b729
NOTE: https://github.com/yt-dlp/yt-dlp/commit/3121512228487c9c690d3d39bfd2579addf96e07
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/75792ed309ce25d5a04164350d80f8c2ac80f817...fdfebcedb963c97d16c22f596725b15dcd2005c4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/75792ed309ce25d5a04164350d80f8c2ac80f817...fdfebcedb963c97d16c22f596725b15dcd2005c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240825/83df10bd/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list