[Git][security-tracker-team/security-tracker][master] Track python-tornado update via bookworm-pu

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 31 08:17:39 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
36e00570 by Salvatore Bonaccorso at 2024-12-31T09:17:03+01:00
Track python-tornado update via bookworm-pu

- - - - -


3 changed files:

- data/CVE/list
- data/dsa-needed.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9427,6 +9427,7 @@ CVE-2024-52814 (Argo Helm is a collection of community maintained charts for `ar
 	NOT-FOR-US: Argo Helm
 CVE-2024-52804 (Tornado is a Python web framework and asynchronous networking library. ...)
 	- python-tornado 6.4.2-1 (bug #1088112)
+	[bookworm] - python-tornado <no-dsa> (will be fixed via point release)
 	NOTE: https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c
 	NOTE: Fixed by: https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533 (v6.4.2)
 CVE-2024-52802 (RIOT is an operating system for internet of things (IoT) devices. In v ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -44,8 +44,6 @@ php-laravel-framework
 python-django
   Chris is working on it
 --
-python-tornado
---
 ring
 --
 sogo


=====================================
data/next-point-update.txt
=====================================
@@ -183,3 +183,7 @@ CVE-2023-52389
 	[bookworm] - poco 1.11.0-3+deb12u1
 CVE-2024-6345
 	[bookworm] - setuptools 66.1.1-1+deb12u1
+CVE-2024-52804
+	[bookworm] - python-tornado 6.2.0-3+deb12u1
+CVE-2023-28370
+	[bookworm] - python-tornado 6.2.0-3+deb12u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36e00570245aa841494305576d4fe66faef8e084

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36e00570245aa841494305576d4fe66faef8e084
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241231/1973a0e5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list