[Git][security-tracker-team/security-tracker][master] new bouncycastle issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon May 6 13:46:21 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f70fcc0a by Moritz Muehlenhoff at 2024-05-06T14:45:35+02:00
new bouncycastle issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -335,7 +335,10 @@ CVE-2024-34453 (TwoNav 2.1.13 contains an SSRF vulnerability via the url paramat
CVE-2024-34449 (Vditor 3.10.3 allows XSS via an attribute of an A element. NOTE: the v ...)
NOT-FOR-US: Vditor
CVE-2024-34447 (An issue was discovered in Bouncy Castle Java Cryptography APIs before ...)
- TODO: check
+ - bouncycastle <unfixed>
+ [bookworm] - bouncycastle <no-dsa> (Minor issue)
+ [bullseye] - bouncycastle <no-dsa> (Minor issue)
+ NOTE: https://www.bouncycastle.org/latest_releases.html
CVE-2024-34446 (Mullvad VPN through 2024.1 on Android does not set a DNS server in the ...)
NOT-FOR-US: Mullvad VPN
CVE-2024-34408 (Tencent libpag through 4.3.51 has an integer overflow in DecodeStream: ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f70fcc0ac15efd2e10d733b5b22bbcc29511a184
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f70fcc0ac15efd2e10d733b5b22bbcc29511a184
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240506/e96a0534/attachment.htm>
More information about the debian-security-tracker-commits
mailing list