[Git][security-tracker-team/security-tracker][master] bookworm triage

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
acc83b25 by Moritz Muehlenhoff at 2024-09-01T17:53:56+02:00
bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,12 +10,15 @@ CVE-2024-7717 (The WP Events Manager plugin for WordPress is vulnerable to time-
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0111 (NVIDIA CUDA Toolkit contains a vulnerability in command 'cuobjdump' wh ...)
 	- nvidia-cuda-toolkit <unfixed>
+	[bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5564
 CVE-2024-0110 (NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` wh ...)
 	- nvidia-cuda-toolkit <unfixed>
+	[bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5564
 CVE-2024-0109 (NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` wh ...)
 	- nvidia-cuda-toolkit <unfixed>
+	[bookworm] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5564
 CVE-2024-44946 (In the Linux kernel, the following vulnerability has been resolved:  k ...)
 	- linux 6.10.7-1
@@ -432,6 +435,7 @@ CVE-2021-4442 (In the Linux kernel, the following vulnerability has been resolve
 	NOTE: https://git.kernel.org/linus/8811f4a9836e31c14ecdf79d9f3cb7c5d463265d (5.12-rc3)
 CVE-2024-8250 (NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.1 ...)
 	- wireshark <unfixed>
+	[bookworm] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2024-11.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19943
 CVE-2024-8198 (Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113  ...)
@@ -716,6 +720,7 @@ CVE-2024-44340 (D-Link DIR-846W A1 FW100A43 was discovered to contain a remote c
 CVE-2024-43788 (Webpack is a module bundler. Its main purpose is to bundle JavaScript  ...)
 	[experimental] - node-webpack 5.94.0+dfsg1+~cs11.18.26-1
 	- node-webpack <unfixed>
+	[bookworm] - node-webpack <no-dsa> (Minor issue)
 	NOTE: https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986
 	NOTE: Fixed by: https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61 (v5.94.0)
 CVE-2024-43783 (The Apollo Router Core is a configurable, high-performance graph route ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc83b2568010adc0ec7b83d99f7190f693711db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acc83b2568010adc0ec7b83d99f7190f693711db
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240901/0791910b/attachment.htm>