[Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2024-53920 as postponed for Bullseye

Fri Nov 29 23:20:40 GMT 2024


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
25957061 by Thorsten Alteholz at 2024-11-30T00:03:31+01:00
mark CVE-2024-53920 as postponed for Bullseye

- - - - -
bb0339a9 by Thorsten Alteholz at 2024-11-30T00:14:06+01:00
mark CVE-2024-53901 as postponed for Bullseye

- - - - -
43e37cb2 by Thorsten Alteholz at 2024-11-30T00:17:21+01:00
mark CVE-2024-53916 as postponed for Bullseye

- - - - -
16ef009f by Thorsten Alteholz at 2024-11-30T00:19:07+01:00
mark CVE-2024-10524 as postponed for Bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -374,6 +374,7 @@ CVE-2024-11738
 CVE-2024-53920 (In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to i ...)
 	- emacs <unfixed> (bug #1088690)
 	[bookworm] - emacs <postponed> (Minor issue, revisit when fixed upstream)
+	[bullseye] - emacs <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html
 	NOTE: https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg%40mail.gmail.com/
 CVE-2024-53855 (Centurion ERP (Enterprise Rescource Planning) is a simple application  ...)
@@ -919,6 +920,7 @@ CVE-2024-53930 (WikiDocs before 1.0.65 allows stored XSS by authenticated users
 CVE-2024-53916 (In OpenStack Neutron through 25.0.0, neutron/extensions/tagging.py can ...)
 	- neutron <unfixed>
 	[bookworm] - neutron <postponed> (Minor issue, revisit when fixed upstream)
+	[bullseye] - neutron <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://review.opendev.org/c/openstack/neutron/+/935883
 CVE-2024-53915 (An issue was discovered in the server in Veritas Enterprise Vault befo ...)
 	NOT-FOR-US: Veritas Enterprise Vault
@@ -1031,6 +1033,7 @@ CVE-2023-45181 (IBM Jazz Foundation 7.0.2 and below are vulnerable to cross-site
 CVE-2024-53901 (The Imager package before 1.025 for Perl has a heap-based buffer overf ...)
 	- libimager-perl 1.025+dfsg-1
 	[bookworm] - libimager-perl <no-dsa> (Minor issue)
+	[bullseye] - libimager-perl <postponed> (Minor issue)
 	NOTE: https://github.com/tonycoz/imager/issues/534
 	NOTE: https://github.com/tonycoz/imager/commit/7851737838aa86113b276aea02729cc1f6e9eed0 (v1.025)
 	NOTE: https://github.com/briandfoy/cpan-security-advisory/issues/167
@@ -3439,6 +3442,7 @@ CVE-2023-52921 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2024-10524 (Applications that use Wget to access a remote resource using shorthand ...)
 	- wget <unfixed> (bug #1088023)
 	[bookworm] - wget <no-dsa> (Minor issue)
+	[bullseye] - wget <postponed> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/11/18/6
 	NOTE: https://jfrog.com/blog/cve-2024-10524-wget-zero-day-vulnerability/
 	NOTE: Fixed by: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c419542d956a2607bbce5df64b9d378a8588d778 (v1.25.0)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d1679972977093822338b7a4ec13cec733a0b66b...16ef009fdab2ca2020db07c6bacc215f85b130b2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d1679972977093822338b7a4ec13cec733a0b66b...16ef009fdab2ca2020db07c6bacc215f85b130b2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241129/c29e6a67/attachment.htm>
