[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Sep 3 16:25:07 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9fa9faca by Moritz Muehlenhoff at 2024-09-03T17:15:53+02:00
bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24,24 +24,31 @@ CVE-2024-37136 (Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposu
 	NOT-FOR-US: Dell
 CVE-2024-45620
 	- opensc <unfixed>
+	[bookworm] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309289
 CVE-2024-45619
 	- opensc <unfixed>
+	[bookworm] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309288
 CVE-2024-45618
 	- opensc <unfixed>
+	[bookworm] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309287
 CVE-2024-45617
 	- opensc <unfixed>
+	[bookworm] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309286
 CVE-2024-45616
 	- opensc <unfixed>
+	[bookworm] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309290
 CVE-2024-45615
 	- opensc <unfixed>
+	[bookworm] - opensc <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309285
 CVE-2024-45310
 	- runc <unfixed>
+	[bookworm] - runc <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/09/03/1
 	NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv
 CVE-2024-8004 (A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Col ...)
@@ -437,6 +444,7 @@ CVE-2024-8285 (A flaw was found in Kroxylicious. When establishing the connectio
 	NOT-FOR-US: kroxylicious
 CVE-2024-42934
 	- openipmi <unfixed>
+	[bookworm] - openipmi <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2308375
 CVE-2024-8304 (A vulnerability has been found in jpress up to 5.1.1 and classified as ...)
 	NOT-FOR-US: jpress
@@ -1155,6 +1163,7 @@ CVE-2024-43966 (Improper Neutralization of Special Elements used in an SQL Comma
 	NOT-FOR-US: WordPress plugin
 CVE-2024-43806 (Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using `r ...)
 	- rust-rustix 0.38.21-1
+	[bookworm] - rust-rustix <no-dsa> (Minor issue)
 	NOTE: https://github.com/bytecodealliance/rustix/security/advisories/GHSA-c827-hfw6-qwvm
 CVE-2024-43802 (Vim is an improved version of the unix vi text editor. When flushing t ...)
 	- vim 2:9.1.0698-1
@@ -1572,6 +1581,7 @@ CVE-2024-42364 (Homepage is a highly customizable homepage with Docker and servi
 	NOT-FOR-US: gethomepage/homepage
 CVE-2024-42040 (Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from  ...)
 	- u-boot <unfixed>
+	[bookworm] - u-boot <no-dsa> (Minor issue)
 	NOTE: https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2024-004.txt
 CVE-2024-41878 (Adobe Experience Manager versions 6.5.19 and earlier are affected by a ...)
 	NOT-FOR-US: Adobe
@@ -20950,6 +20960,7 @@ CVE-2024-37569 (An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x
 	NOT-FOR-US: Mitel
 CVE-2024-37568 (lepture Authlib before 1.3.1 has algorithm confusion with asymmetric p ...)
 	- python-authlib 1.3.1-1
+	[bookworm] - python-authlib <no-dsa> (Minor issue)
 	NOTE: https://github.com/lepture/authlib/issues/654
 	NOTE: https://github.com/lepture/authlib/commit/3bea812acefebc9ee108aa24557be3ba8971daf1 (v1.3.1)
 CVE-2024-35748 (Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.T ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fa9facaec71df343fc0d154683386f4df814fcb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9fa9facaec71df343fc0d154683386f4df814fcb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240903/90c089ea/attachment.htm>

More information about the debian-security-tracker-commits mailing list