[Git][security-tracker-team/security-tracker][master] Track fixed version for varnish via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 3 06:36:53 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
572515be by Salvatore Bonaccorso at 2024-07-03T07:36:16+02:00
Track fixed version for varnish via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33756,7 +33756,7 @@ CVE-2024-30161 (In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might b
NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/544314
NOTE: https://codereview.qt-project.org/gitweb?p=qt%2Fqtbase.git;a=commit;h=a5b00cefef12999e9a213943855abe6bc0ab5365
CVE-2024-30156 (Varnish Cache before 7.3.2 and 7.4.x before 7.4.3 (and before 6.0.13 L ...)
- - varnish <unfixed> (bug #1068455)
+ - varnish 7.5.0-1 (bug #1068455)
[bookworm] - varnish <ignored> (Minor issue, too intrusive to backport)
[bullseye] - varnish <ignored> (Minor issue, too intrusive to backport)
NOTE: https://varnish-cache.org/security/VSV00014.html
@@ -67863,7 +67863,7 @@ CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server resource
[bookworm] - dnsdist <no-dsa> (Minor issue)
[bullseye] - dnsdist <no-dsa> (Minor issue)
[buster] - dnsdist <not-affected> (HTTP/2 support was added later)
- - varnish <unfixed> (bug #1056156)
+ - varnish 7.5.0-1 (bug #1056156)
[bookworm] - varnish <ignored> (Minor issue, too intrusive to backport)
[bullseye] - varnish <ignored> (Minor issue, too intrusive to backport)
NOTE: Tomcat: https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49 (10.1.14)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/572515be36cb0975291b4877f2d88478589011cf
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/572515be36cb0975291b4877f2d88478589011cf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240703/4b868b66/attachment.htm>
More information about the debian-security-tracker-commits
mailing list