[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2024-1968 in python-scrapy for buster LTS.
Chris Lamb (@lamby)
lamby at debian.org
Fri May 24 08:18:01 BST 2024
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fbd535b4 by Chris Lamb at 2024-05-24T08:15:54+01:00
Triage CVE-2024-1968 in python-scrapy for buster LTS.
- - - - -
148f06f5 by Chris Lamb at 2024-05-24T08:16:51+01:00
Triage CVE-2024-29038 & CVE-2024-29039 in tpm2-tools for buster LTS.
- - - - -
6bfabaf2 by Chris Lamb at 2024-05-24T08:17:14+01:00
Triage CVE-2024-29040 in tpm2-tss for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2791,6 +2791,7 @@ CVE-2024-1968 (In scrapy/scrapy, an issue was identified where the Authorization
- python-scrapy 2.11.2-1
[bookworm] - python-scrapy <no-dsa> (Minor issue)
[bullseye] - python-scrapy <no-dsa> (Minor issue)
+ [buster] - python-scrapy <postponed> (Minor issue; can be fixed in next update)
NOTE: https://huntr.com/bounties/27f6a021-a891-446a-ada5-0226d619dd1a
NOTE: https://github.com/scrapy/scrapy/security/advisories/GHSA-4qqq-9vqf-3h3f
NOTE: https://github.com/scrapy/scrapy/commit/f8d6c456e0669ea5344e93fe9206bd1ffebc2008 (2.11.2)
@@ -11802,16 +11803,19 @@ CVE-2024-29040
- tpm2-tss 4.1.0-1 (bug #1070140)
[bookworm] - tpm2-tss <no-dsa> (Minor issue)
[bullseye] - tpm2-tss <no-dsa> (Minor issue)
+ [buster] - tpm2-tss <postponed> (Minor issue; can be fixed in next update)
NOTE: https://github.com/tpm2-software/tpm2-tss/commit/710cd0b6adf3a063f34a8e92da46df7a107d9a99 (4.1.0)
CVE-2024-29039
- tpm2-tools 5.7-1 (bug #1070139)
[bookworm] - tpm2-tools <no-dsa> (Minor issue)
[bullseye] - tpm2-tools <no-dsa> (Minor issue)
+ [buster] - tpm2-tools <postponed> (Minor issue; can be fixed in next update)
NOTE: https://github.com/tpm2-software/tpm2-tools/commit/98599df9392a346216c5a059b8d35271286100bb (5.7)
CVE-2024-29038
- tpm2-tools 5.7-1 (bug #1070139)
[bookworm] - tpm2-tools <no-dsa> (Minor issue)
[bullseye] - tpm2-tools <no-dsa> (Minor issue)
+ [buster] - tpm2-tools <postponed> (Minor issue; can be fixed in next update)
NOTE: https://github.com/tpm2-software/tpm2-tools/commit/66d922d6547b7b4fe4f274fb2ec10b376e0e259c (5.7)
CVE-2024-4327 (A vulnerability was found in Apryse WebViewer up to 10.8.0. It has bee ...)
NOT-FOR-US: Apryse WebViewer
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fbbb0d4e39f3e712eb99e4bd5b79e40423ed2dc3...6bfabaf2a8d3a0e875e5418424afc3524c48e0d0
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fbbb0d4e39f3e712eb99e4bd5b79e40423ed2dc3...6bfabaf2a8d3a0e875e5418424afc3524c48e0d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240524/3f85ffef/attachment.htm>
More information about the debian-security-tracker-commits
mailing list