[Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Dec 6 15:40:31 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b2b74b4f by Moritz Muehlenhoff at 2024-12-06T16:40:06+01:00
bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5274,7 +5274,7 @@ CVE-2024-52511 (Nextcloud Tables allows users to to create tables with individua
NOT-FOR-US: Nextcloud Tables
CVE-2024-52510 (The Nextcloud Desktop Client is a tool to synchronize files from Nextc ...)
- nextcloud-desktop 3.15.0-1 (bug #1087885)
- [bookworm] - nextcloud-desktop <no-dsa> (Minor issue)
+ [bookworm] - nextcloud-desktop <ignored> (Minor issue, too intrusive to backport)
[bullseye] - nextcloud-desktop <postponed> (Minor issue)
NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-r4qc-m9mj-452v
NOTE: https://github.com/nextcloud/desktop/pull/7333
@@ -12638,6 +12638,7 @@ CVE-2024-9987 (A post-authentication SQL Injection vulnerability within the filt
NOT-FOR-US: Pandora FMS
CVE-2024-53899 (virtualenv before 20.26.6 allows command injection through the activat ...)
- python-virtualenv 20.26.6+ds-1
+ [bookworm] - python-virtualenv <no-dsa> (Minor issue)
[bullseye] - python-virtualenv <postponed> (Minor issue)
NOTE: https://github.com/pypa/virtualenv/issues/2768
NOTE: https://github.com/pypa/virtualenv/pull/2771
=====================================
data/dsa-needed.txt
=====================================
@@ -32,6 +32,8 @@ linux (carnil)
--
mosquitto
--
+openafs
+--
opennds
pinged maintainer, but no reply yet. should most probably be bumped to 10.x
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2b74b4f470e123d3b08c12dc25f7dff6e5ec7e6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2b74b4f470e123d3b08c12dc25f7dff6e5ec7e6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241206/2a6f860f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list