[Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Feb 26 15:45:30 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5620268 by Moritz Muehlenhoff at 2024-02-26T16:44:40+01:00
bookworm/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -169,6 +169,7 @@ CVE-2024-21502 (Versions of the package fastecdsa before 2.3.2 are vulnerable to
 	NOT-FOR-US: fastecdsa
 CVE-2024-21501 (Versions of the package sanitize-html before 2.12.1 are vulnerable to  ...)
 	- node-sanitize-html <unfixed>
+	[bookworm] - node-sanitize-html <no-dsa> (Minor issue)
 	NOTE: https://github.com/apostrophecms/sanitize-html/pull/650
 	NOTE: https://gist.github.com/Slonser/8b4d061abe6ee1b2e10c7242987674cf
 	NOTE: https://github.com/apostrophecms/apostrophe/discussions/4436
@@ -32715,6 +32716,8 @@ CVE-2023-40579 (OpenFGA is an authorization/permission engine built for develope
 CVE-2023-40577 (Alertmanager handles alerts sent by client applications such as the Pr ...)
 	{DLA-3609-1}
 	- prometheus-alertmanager 0.26.0+ds-1 (bug #1050558)
+	[bookworm] - prometheus-alertmanager <no-dsa> (Minor issue)
+	[bullseye] - prometheus-alertmanager <no-dsa> (Minor issue)
 	NOTE: https://github.com/prometheus/alertmanager/security/advisories/GHSA-v86x-5fm3-5p7j
 	NOTE: https://github.com/prometheus/alertmanager/commit/8b9f2fd20c25e0d1e76aa0b407f7e354996d8e72 (v0.25.1)
 CVE-2023-40576 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -63,6 +63,8 @@ pillow (jmm)
 --
 py7zr/oldstable
 --
+pymatgen/stable
+--
 python-asyncssh
 --
 redmine/stable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e562026810c5be677041005257307ad4066f5fe7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e562026810c5be677041005257307ad4066f5fe7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240226/34c9a754/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list