[Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Triage gstreamer1.0 for bullseye LTS (CVE-2024-47606)

Chris Lamb (@lamby) lamby at debian.org
Sat Dec 14 10:44:05 GMT 2024 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d6c46c5e by Chris Lamb at 2024-12-14T10:43:00+00:00
data/dla-needed.txt: Triage gstreamer1.0 for bullseye LTS (CVE-2024-47606)

- - - - -
d0a25417 by Chris Lamb at 2024-12-14T10:43:18+00:00
Triage CVE-2024-50336 in thunderbird for bullseye LTS.

- - - - -
9b64e80a by Chris Lamb at 2024-12-14T10:43:38+00:00
data/dla-needed.txt: Triage node-postcss for bullseye LTS (CVE-2021-23566)

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9591,6 +9591,7 @@ CVE-2024-50336 (matrix-js-sdk is a Matrix messaging protocol Client-Server SDK f
 	- node-matrix-js-sdk <removed>
 	- thunderbird <unfixed>
 	[bookworm] - thunderbird <no-dsa> (Minor issue; can be fixed in January thunderbird update)
+	[bullseye] - thunderbird <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-69/#CVE-2024-50336
 CVE-2024-50331 (An out-of-bounds read vulnerability in Ivanti Avalanche before 6.4.6 a ...)
 	NOT-FOR-US: Ivanti


=====================================
data/dla-needed.txt
=====================================
@@ -106,6 +106,9 @@ gst-plugins-good1.0
   NOTE: 20241213: Added by Front-Desk (lamby)
   NOTE: 20241213: See also gst-plugins-base1.0 (lamby)
 --
+gstreamer1.0
+  NOTE: 20241214: Added by Front-Desk (lamby)
+--
 gunicorn
   NOTE: 20241206: Added by coordinator (roberto)
   NOTE: 20241206: CVE-2024-1135 was fixed in buster, is still open (no-dsa) in bullseye and bookworm
@@ -141,6 +144,9 @@ mosquitto (Abhijith PA)
   NOTE: 20241110: Added by Front-Desk (apo)
   NOTE: 20241126: Backporting CVE-2024-3935 (abhijith)
 --
+node-postcss
+  NOTE: 20241214: Added by Front-Desk (lamby)
+--
 nvidia-cuda-toolkit
   NOTE: 20241004: Added by Front-Desk (Beuc)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cd4f11d643d1a5952c7bdeded8fe4b1932684e54...9b64e80a4e1ca12af90d7b3432076c6c0f1eca21

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cd4f11d643d1a5952c7bdeded8fe4b1932684e54...9b64e80a4e1ca12af90d7b3432076c6c0f1eca21
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241214/3bb4a6b6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list