[Git][security-tracker-team/security-tracker][master] Reserve DSA number for cacti update

Sun Mar 24 12:42:54 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b2aaf5ef by Salvatore Bonaccorso at 2024-03-24T13:40:55+01:00
Reserve DSA number for cacti update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -19679,6 +19679,7 @@ CVE-2023-50708 (yii2-authclient is an extension that adds OpenID, OAuth, OAuth2
 	NOT-FOR-US: ii2-authclient extension for Yii framework
 CVE-2023-50569 (Reflected Cross Site Scripting (XSS) vulnerability in Cacti v1.2.25, a ...)
 	- cacti 1.2.26+ds1-1
+	[bookworm] - cacti 1.2.24+ds1-1+deb12u2
 	[bullseye] - cacti <not-affected> (Vulnerable code introduced later)
 	[buster] - cacti <not-affected> (Vulnerable code introduced later)
 	NOTE: https://gist.github.com/ISHGARD-2/a6b57de899f977e2af41780e7428b4bf
@@ -19693,6 +19694,7 @@ CVE-2023-50254 (Deepin Linux's default document reader `deepin-reader` software
 	- deepin-reader <itp> (bug #970218)
 CVE-2023-50250 (Cacti is an open source operational monitoring and fault management fr ...)
 	- cacti 1.2.26+ds1-1
+	[bookworm] - cacti 1.2.24+ds1-1+deb12u2
 	[bullseye] - cacti <not-affected> (Vulnerable code introduced later)
 	[buster] - cacti <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-xwqc-7jc4-xm73


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[24 Mar 2024] DSA-5646-1 cacti - security update
+	{CVE-2023-39360 CVE-2023-39513 CVE-2023-49084 CVE-2023-49085 CVE-2023-49086 CVE-2023-49088}
+	[bullseye] - cacti 1.2.16+ds1-2+deb11u3
+	[bookworm] - cacti 1.2.24+ds1-1+deb12u2
 [23 Mar 2024] DSA-5645-1 firefox-esr - security update
 	{CVE-2024-29944}
 	[bullseye] - firefox-esr 115.9.1esr-1~deb11u1


=====================================
data/dsa-needed.txt
=====================================
@@ -11,9 +11,6 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
---
-cacti (carnil)
-  Sylvain Beucler is working on an update and proposing debdiff
 --
 chromium (dilinger)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2aaf5ef3cb7b9b0f3ca174b0ce1d8c91c121d45

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2aaf5ef3cb7b9b0f3ca174b0ce1d8c91c121d45
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240324/d3627a31/attachment.htm>
