[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2024-28318,CVE-2024-28319/gpac: buster end-of-life
Sylvain Beucler (@beuc)
beuc at debian.org
Sat Mar 16 11:42:28 GMT 2024
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2c155552 by Sylvain Beucler at 2024-03-16T12:42:12+01:00
CVE-2024-28318,CVE-2024-28319/gpac: buster end-of-life
- - - - -
de17954c by Sylvain Beucler at 2024-03-16T12:42:14+01:00
intel-microcode: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -205,10 +205,12 @@ CVE-2024-28401 (TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cr
NOT-FOR-US: TOTOLINK
CVE-2024-28319 (gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain an out ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2763
NOTE: https://github.com/gpac/gpac/commit/cb3c29809bddfa32686e3deb231a76af67b68e1e
CVE-2024-28318 (gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain a out ...)
- gpac <unfixed>
+ [buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2764
NOTE: https://github.com/gpac/gpac/commit/ae831621a08a64e3325ce532f8b78811a1581716
CVE-2024-28255 (OpenMetadata is a unified platform for discovery, observability, and g ...)
@@ -1342,30 +1344,35 @@ CVE-2023-43490 (Incorrect calculation in microcode keying mechanism for some Int
- intel-microcode 3.20240312.1 (bug #1066108)
[bookworm] - intel-microcode <postponed> (Decide after exposure on unstable for update)
[bullseye] - intel-microcode <postponed> (Decide after exposure on unstable for update)
+ [buster] - intel-microcode <postponed> (Decide after exposure on unstable for update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312
CVE-2023-39368 (Protection mechanism failure of bus lock regulator for some Intel(R) P ...)
- intel-microcode 3.20240312.1 (bug #1066108)
[bookworm] - intel-microcode <postponed> (Decide after exposure on unstable for update)
[bullseye] - intel-microcode <postponed> (Decide after exposure on unstable for update)
+ [buster] - intel-microcode <postponed> (Decide after exposure on unstable for update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00972.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312
CVE-2023-38575 (Non-transparent sharing of return predictor targets between contexts i ...)
- intel-microcode 3.20240312.1 (bug #1066108)
[bookworm] - intel-microcode <postponed> (Decide after exposure on unstable for update)
[bullseye] - intel-microcode <postponed> (Decide after exposure on unstable for update)
+ [buster] - intel-microcode <postponed> (Decide after exposure on unstable for update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312
CVE-2023-22655 (Protection mechanism failure in some 3rd and 4th Generation Intel(R) X ...)
- intel-microcode 3.20240312.1 (bug #1066108)
[bookworm] - intel-microcode <postponed> (Decide after exposure on unstable for update)
[bullseye] - intel-microcode <postponed> (Decide after exposure on unstable for update)
+ [buster] - intel-microcode <postponed> (Decide after exposure on unstable for update)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00960.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240312
CVE-2023-28746 (Information exposure through microarchitectural state after transient ...)
- intel-microcode 3.20240312.1 (bug #1066108)
[bookworm] - intel-microcode <postponed> (Decide after exposure on unstable for update)
[bullseye] - intel-microcode <postponed> (Decide after exposure on unstable for update)
+ [buster] - intel-microcode <postponed> (Decide after exposure on unstable for update)
- linux 6.7.9-2
- xen <unfixed>
[bullseye] - xen <end-of-life> (EOLed in Bullseye)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a2277a693b180af1a6d9d9cda1cb8b1b7977ab8c...de17954c678e70c408728d1bc9bcad3361035dd8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a2277a693b180af1a6d9d9cda1cb8b1b7977ab8c...de17954c678e70c408728d1bc9bcad3361035dd8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240316/efd7f422/attachment.htm>
More information about the debian-security-tracker-commits
mailing list