[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Dec 12 14:33:10 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77b66633 by Moritz Muehlenhoff at 2024-12-12T15:32:51+01:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2489,6 +2489,7 @@ CVE-2024-54134 (A publish-access account was compromised for `@solana/web3.js`,
 	NOT-FOR-US: @solana/web3.js
 CVE-2024-54132 (The GitHub CLI is GitHub\u2019s official command line tool. A security ...)
 	- gh <unfixed> (bug #1089120)
+	[bookworm] - gh <no-dsa> (Minor issue)
 	NOTE: https://github.com/cli/cli/security/advisories/GHSA-2m9h-r57g-45pj
 	NOTE: Merge commit: https://github.com/cli/cli/commit/1136764c369aaf0cae4ec2ee09dc35d871076932 (v2.63.1)
 CVE-2024-54002 (Dependency-Track is a Component Analysis platform that allows organiza ...)
@@ -3766,6 +3767,7 @@ CVE-2024-53859 (go-gh is a Go module for interacting with the `gh` utility and t
 	NOTE: https://github.com/cli/go-gh/security/advisories/GHSA-55v3-xh23-96gh
 CVE-2024-53858 (The gh cli is GitHub\u2019s official command line tool. A security vul ...)
 	- gh <unfixed> (bug #1088808)
+	[bookworm] - gh <no-dsa> (Minor issue)
 	NOTE: https://github.com/cli/cli/security/advisories/GHSA-jwcm-9g39-pmcw
 CVE-2024-53260 (Autolab is a course management service that enables auto-graded progra ...)
 	NOT-FOR-US: Autolab


=====================================
data/dsa-needed.txt
=====================================
@@ -19,6 +19,12 @@ chromium (dilinger)
 frr
   coordination with the maintainer ongoing
 --
+gst-plugins-base1.0 (jmm)
+--
+gst-plugins-good1.0
+--
+gstreamer1.0
+--
 jetty9
 --
 libreswan



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77b66633bd26c5e8cd5074a49723cff725c6cf5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77b66633bd26c5e8cd5074a49723cff725c6cf5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241212/feeaea60/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list