[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2024-46478 in htmldoc for bullseye LTS.
Chris Lamb (@lamby)
lamby at debian.org
Sun Oct 27 20:28:15 GMT 2024
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9769f1e1 by Chris Lamb at 2024-10-27T13:26:02-07:00
Triage CVE-2024-46478 in htmldoc for bullseye LTS.
- - - - -
263df5b0 by Chris Lamb at 2024-10-27T13:27:50-07:00
Triage CVE-2024-9287 in python2.7 for bullseye LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -552,6 +552,7 @@ CVE-2024-46994 (baserCMS is a website development framework. Versions prior to 5
CVE-2024-46478 (HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pd ...)
- htmldoc 1.9.18-3 (bug #1086061)
[bookworm] - htmldoc <no-dsa> (Minor issue)
+ [bullseye] - htmldoc <postponed> (Minor issue; can be fixed in next update)
NOTE: https://github.com/michaelrsweet/htmldoc/issues/529
NOTE: https://github.com/michaelrsweet/htmldoc/commit/683bec548e642cf4a17e003fb34f6bbaf2d27b98
CVE-2024-45259 (An issue was discovered on certain GL-iNet devices, including MT6000, ...)
@@ -954,6 +955,7 @@ CVE-2024-9287 (A vulnerability has been found in the CPython `venv` module and C
- python3.11 <removed>
- python3.9 <removed>
- python2.7 <removed>
+ [bullseye] - python2.7 <end-of-life> (Unsupported in Bullseye, only included to build a few applications)
NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/
NOTE: https://github.com/python/cpython/pull/124712
NOTE: https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483 (3.13-branch)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/65a9997fe523ce2a66f2d6bc68b841d34beb8cdc...263df5b0501f1020014569a9988f1ccb64195e50
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/65a9997fe523ce2a66f2d6bc68b841d34beb8cdc...263df5b0501f1020014569a9988f1ccb64195e50
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241027/ccf31aad/attachment.htm>
More information about the debian-security-tracker-commits
mailing list