[Git][security-tracker-team/security-tracker][master] bullseye LTS triaging - fop, assimp

[Santiago R.R. (@santiago)]

Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4dce5c0b by Santiago Ruano Rincón at 2024-10-20T21:43:35-03:00
bullseye LTS triaging - fop, assimp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2997,6 +2997,7 @@ CVE-2023-52952 (A vulnerability has been identified in HiMed Cockpit 12 pro (J31
 CVE-2024-28168 (Improper Restriction of XML External Entity Reference ('XXE') vulnerab ...)
 	- fop <unfixed> (bug #1084985)
 	[bookworm] - fop <no-dsa> (Minor issue)
+	[bullseye] - fop <postponed> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/10/09/1
 	NOTE: https://issues.apache.org/jira/browse/FOP-3168
 	NOTE: https://github.com/apache/xmlgraphics-fop/commit/d96ba9a11710d02716b6f4f6107ebfa9ccec7134 (2_10)
@@ -5279,6 +5280,7 @@ CVE-2024-47003 (Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8 fail to
 CVE-2024-46632 (Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::Lo ...)
 	- assimp <unfixed> (bug #1082857)
 	[bookworm] - assimp <no-dsa> (Minor issue)
+	[bullseye] - assimp <postponed> (Minor issue)
 	NOTE: https://github.com/assimp/assimp/issues/5771
 CVE-2024-46627 (Incorrect access control in BECN DATAGERRY v2.2 allows attackers to ex ...)
 	NOT-FOR-US: BECN DATAGERRY



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4dce5c0b9f97cabb5e4bab1c8b8da153b6661b03

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4dce5c0b9f97cabb5e4bab1c8b8da153b6661b03
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241021/c786bdfc/attachment.htm>