[Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2024-53425 as postponed for bullseye

Mon Nov 25 22:40:33 GMT 2024


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ad308c16 by Thorsten Alteholz at 2024-11-25T23:30:59+01:00
mark CVE-2024-53425 as postponed for bullseye

- - - - -
697e0b9f by Thorsten Alteholz at 2024-11-25T23:35:40+01:00
mark CVE-2024-10963 as postponed for Bullseye

- - - - -
2da46beb by Thorsten Alteholz at 2024-11-25T23:40:22+01:00
add rclone

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -986,6 +986,7 @@ CVE-2024-53426 (A heap-buffer-overflow vulnerability has been identified in ntop
 CVE-2024-53425 (A heap-buffer-overflow vulnerability was discovered in the SkipSpacesA ...)
 	- assimp <unfixed> (bug #1088187)
 	[bookworm] - assimp <postponed> (Minor issue, revisit when fixed upstream)
+	[bullseye] - assimp <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://github.com/assimp/assimp/issues/5860
 CVE-2024-53335 (TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflo ...)
 	NOT-FOR-US: TOTOLINK
@@ -6171,6 +6172,7 @@ CVE-2024-10964 (A vulnerability classified as critical has been found in emqx ne
 CVE-2024-10963 (A flaw was found in pam_access, where certain rules in its configurati ...)
 	- pam <unfixed> (bug #1087019)
 	[bookworm] - pam <no-dsa> (Minor issue)
+	[bullseye] - pam <postponed> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2324291
 	NOTE: https://github.com/linux-pam/linux-pam/issues/834
 CVE-2024-10668 (There exists an auth bypass in Google Quickshare where an attacker can ...)


=====================================
data/dla-needed.txt
=====================================
@@ -181,6 +181,9 @@ qemu
   NOTE: 20240815: CVE-2024-4467 fix also proposed for 12.7 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076504)
   NOTE: 20241119: Bookworm PU in progress https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086572
 --
+rclone
+  NOTE: 20241125: Added by Front-Desk (ta)
+--
 redis (Adrian Bunk)
   NOTE: 20241020: Added by Front-Desk (santiago)
   NOTE: 20241020: Ideally sync with a bookworm update please (santiago/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/832d60adf52de71160c8bbe9c1e9e9047d259511...2da46bebf9e0598a502e80a41cb8931ab41de778

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/832d60adf52de71160c8bbe9c1e9e9047d259511...2da46bebf9e0598a502e80a41cb8931ab41de778
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241125/2392d5fc/attachment-0001.htm>
