[Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Triage python-pymysql for buster LTS (CVE-2024-36039)

Chris Lamb (@lamby) lamby at debian.org
Thu May 23 11:07:07 BST 2024



Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b40a30bc by Chris Lamb at 2024-05-23T11:03:56+01:00
data/dla-needed.txt: Triage python-pymysql for buster LTS (CVE-2024-36039)

- - - - -
4b968c93 by Chris Lamb at 2024-05-23T11:04:23+01:00
data/dla-needed.txt: Claim python-pymysql.

- - - - -
675acd8c by Chris Lamb at 2024-05-23T11:05:39+01:00
Triage CVE-2024-26306 in iperf3 for buster LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -6450,6 +6450,7 @@ CVE-2024-26306 (iPerf3 before 3.17, when used with OpenSSL before 3.2.0 as a ser
 	- iperf3 <unfixed>
 	[bookworm] - iperf3 <no-dsa> (Minor issue)
 	[bullseye] - iperf3 <no-dsa> (Minor issue)
+	[buster] - iperf3 <postponed> (Minor issue; can be fixed in next update)
 CVE-2023-5052 (vulnerability in Uniform Server Zero, version 10.2.5, consisting of an ...)
 	NOT-FOR-US: Uniform Zero Server
 CVE-2024-4799 (A vulnerability, which was classified as critical, was found in Kaship ...)


=====================================
data/dla-needed.txt
=====================================
@@ -247,6 +247,9 @@ python-asyncssh
   NOTE: 20240116: Added by Front-Desk (lamby)
   NOTE: 20240131: Patch for CVE-2023-46445 and CVE-2023-46446 backported and in Git, but one test is failing. Waiting for feedback before release. (dleidert)
 --
+python-pymysql (Chris Lamb)
+  NOTE: 20240523: Added by Front-Desk (lamby)
+--
 rails
   NOTE: 20220909: Re-added due to regression (abhijith)
   NOTE: 20220909: Regression on 2:5.2.2.1+dfsg-1+deb10u4 (abhijith)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/09303ea80b963cf5690204f25b00d2ddbd7f05d5...675acd8ce8d80583be19006f08db658de2769092

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/09303ea80b963cf5690204f25b00d2ddbd7f05d5...675acd8ce8d80583be19006f08db658de2769092
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240523/6f1cc962/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list