[Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Feb 19 13:28:46 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
666a81a2 by Moritz Muehlenhoff at 2024-02-19T14:28:13+01:00
bookworm/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,6 +10,8 @@ CVE-2024-24722 (An unquoted service path vulnerability in the 12d Synergy Server
 	TODO: check
 CVE-2022-48624 (close_altfile in filename.c in less before 606 omits shell_quote calls ...)
 	- less <unfixed>
+	[bookworm] - less <no-dsa> (Minor issue)
+	[bullseye] - less <no-dsa> (Minor issue)
 	NOTE: https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144 (v606)
 CVE-2020-36774 (plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x b ...)
 	- glade 3.38.2-1
@@ -32,6 +34,7 @@ CVE-2024-25083 (An issue was discovered in BeyondTrust Privilege Management for
 	NOT-FOR-US: BeyondTrust
 CVE-2024-24758 (Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici ...)
 	- node-undici <unfixed>
+	[bookworm] - node-undici <no-dsa> (Minor issue)
 	NOTE: https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3
 	NOTE: https://github.com/nodejs/undici/commit/b9da3e40f1f096a06b4caedbb27c2568730434ef (v6.6.1)
 	NOTE: https://github.com/nodejs/undici/commit/d3aa574b1259c1d8d329a0f0f495ee82882b1458 (v5.28.3)
@@ -1474,6 +1477,8 @@ CVE-2024-23513 (Deserialization of Untrusted Data vulnerability in PropertyHive.
 	NOT-FOR-US: WordPress plugin
 CVE-2024-1433 (A vulnerability, which was classified as problematic, was found in KDE ...)
 	- plasma-workspace <unfixed> (bug #1064063)
+	[bookworm] - plasma-workspace <no-dsa> (Minor issue)
+	[bullseye] - plasma-workspace <no-dsa> (Minor issue)
 	NOTE: https://github.com/KDE/plasma-workspace/commit/6cdf42916369ebf4ad5bd876c4dfa0170d7b2f01
 CVE-2023-52429 (dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6 ...)
 	- linux <unfixed>


=====================================
data/dsa-needed.txt
=====================================
@@ -95,5 +95,7 @@ squid (apo)
 --
 varnish
 --
+wpa
+--
 zabbix
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/666a81a2fbf3e5b35caf41d48a4d0358fd85e64f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/666a81a2fbf3e5b35caf41d48a4d0358fd85e64f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240219/787326c1/attachment.htm>

More information about the debian-security-tracker-commits mailing list