[Git][security-tracker-team/security-tracker][master] pymongo spu/ospu

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 18 14:15:52 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3a9d5975 by Moritz Mühlenhoff at 2024-06-18T15:15:09+02:00
pymongo spu/ospu

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3446,6 +3446,8 @@ CVE-2023-6956 (The EasyAzon \u2013 Amazon Associates Affiliate Plugin plugin for
 CVE-2024-5629 (An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier ...)
 	{DLA-3832-1}
 	- pymongo 4.7.3-1
+	[bookworm] - pymongo <no-dsa> (Minor issue)
+	[bullseye] - pymongo <no-dsa> (Minor issue)
 	NOTE: https://jira.mongodb.org/browse/PYTHON-4305
 	NOTE: https://github.com/mongodb/mongo-python-driver/pull/1564
 CVE-2024-5571 (The EmbedPress \u2013 Embed PDF, Google Docs, Vimeo, Wistia, Embed You ...)


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -162,3 +162,5 @@ CVE-2024-5742
 	[bullseye] - nano 5.4-2+deb11u3
 CVE-2024-35235
 	[bullseye] - cups 2.3.3op2-3+deb11u7
+CVE-2024-5629
+	[bullseye] - pymongo 3.11.0-1+deb11u1


=====================================
data/next-point-update.txt
=====================================
@@ -218,3 +218,5 @@ CVE-2024-28835
 	[bookworm] - gnutls28 3.7.9-2+deb12u3
 CVE-2024-35235
 	[bookworm] - cups 2.4.2-3+deb12u6
+CVE-2024-5629
+	[bookworm] - pymongo 3.11.0-1+deb12u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a9d5975b7db82d51a6dd9857317c47333fbf9b2

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a9d5975b7db82d51a6dd9857317c47333fbf9b2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240618/7361bab7/attachment.htm>


More information about the debian-security-tracker-commits mailing list