[Git][security-tracker-team/security-tracker][master] 2 commits: Treat CVE-2024-27351 as a minor issue for buster.

Ola Lundqvist (@opal) opal at debian.org
Wed Mar 6 20:52:12 GMT 2024 


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6b498faf by Ola Lundqvist at 2024-03-06T21:51:53+01:00
Treat CVE-2024-27351 as a minor issue for buster.

- - - - -
73dedb18 by Ola Lundqvist at 2024-03-06T21:51:53+01:00
Added ruby-rack to dla-needed.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -591,6 +591,7 @@ CVE-2024-2002
 	NOTE: Fixed by: https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad
 CVE-2024-27351 [Potential regular expression denial-of-service in django.utils.text.Truncator.words()]
 	- python-django 3:4.2.11-1
+	[buster] - python-django <no-dsa> (Minor issue)
 	NOTE: https://www.djangoproject.com/weblog/2024/mar/04/security-releases/
 	NOTE: https://github.com/django/django/commit/3394fc6132436eca89e997083bae9985fb7e761e (5.0.3)
 	NOTE: https://github.com/django/django/commit/3c9a2771cc80821e041b16eb36c1c37af5349d4a (4.2.11)


=====================================
data/dla-needed.txt
=====================================
@@ -274,6 +274,9 @@ ring
   NOTE: 20230903: Added by Front-Desk (gladk)
   NOTE: 20230928: will be likely hard to fix see https://lists.debian.org/debian-lts/2023/09/msg00035.html (rouca)
 --
+ruby-rack
+  NOTE: 20240306: Added by Front-Desk (opal)
+--
 runc
   NOTE: 20240204: Added by Front-Desk (ta)
   NOTE: 20240219: Complete fix for CVE-2024-21626 would require backport of



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/426c289a0216367ef5eccf220234906db282329d...73dedb18d9cf68d1327125f6c252a37a4cb0d846

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/426c289a0216367ef5eccf220234906db282329d...73dedb18d9cf68d1327125f6c252a37a4cb0d846
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240306/c3cbd5a3/attachment.htm>

More information about the debian-security-tracker-commits mailing list