[Git][security-tracker-team/security-tracker][master] 3 commits: add activemq

Thorsten Alteholz (@alteholz) alteholz at debian.org
Fri Sep 13 23:00:02 BST 2024 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
96abb509 by Thorsten Alteholz at 2024-09-13T23:37:26+02:00
add activemq

- - - - -
920fcd0d by Thorsten Alteholz at 2024-09-13T23:40:47+02:00
mark CVE-2024-20506 and CVE-2024-20505 as postponed for Bullseye

- - - - -
f6ec3f92 by Thorsten Alteholz at 2024-09-13T23:56:13+02:00
mark CVE-2024-8096 as postponed for Bullseye

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -890,6 +890,7 @@ CVE-2024-1656 (Affected versions of Octopus Server had a weak content security p
 CVE-2024-8096 (When curl is told to use the Certificate Status Request TLS extension, ...)
 	- curl 8.10.0-1
 	[bookworm] - curl <no-dsa> (Minor issue)
+	[bullseye] - curl <postponed> (Minor issue)
 	NOTE: https://curl.se/docs/CVE-2024-8096.html
 	NOTE: Introduced with: https://github.com/curl/curl/commit/f13669a375f5bfd14797bda91642cabe076974fa (curl-7_41_0)
 	NOTE: Fixed by: https://github.com/curl/curl/commit/aeb1a281cab13c7ba791cb104e556b20e713941f (curl-8_10_0)
@@ -2001,10 +2002,12 @@ CVE-2024-2166 (Improper Neutralization of Input During Web Page Generation ('Cro
 CVE-2024-20506 (A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) ...)
 	- clamav <unfixed> (bug #1080962)
 	[bookworm] - clamav <no-dsa> (clamav is updated via -updates)
+	[bullseye] - clamav <postponed> (Minor issue)
 	NOTE: https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
 CVE-2024-20505 (A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) v ...)
 	- clamav <unfixed> (bug #1080962)
 	[bookworm] - clamav <no-dsa> (clamav is updated via -updates)
+	[bullseye] - clamav <postponed> (Minor issue)
 	NOTE: https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html
 CVE-2024-8418 (A flaw was found in Aardvark-dns versions 1.12.0 and 1.12.1. They cont ...)
 	- aardvark-dns 1.12.2-1 (bug #1080964)


=====================================
data/dla-needed.txt
=====================================
@@ -23,6 +23,9 @@ https://lts-team.pages.debian.net/wiki/Development.html#triage-new-security-issu
 To make it easier to see the entire history of an update, please append notes
 rather than remove/replace existing ones.
 
+--
+activemq
+  NOTE: 20240913: Added by Front-Desk (ta)
 --
 asterisk (Thorsten Alteholz)
   NOTE: 20240815: Added by Front-Desk (Beuc)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2691eca8159891aec9a2f17c5d6d6eddfcbe20c2...f6ec3f928dcc372fecf42d9b3d8931dfffa6b499

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2691eca8159891aec9a2f17c5d6d6eddfcbe20c2...f6ec3f928dcc372fecf42d9b3d8931dfffa6b499
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240913/4e2ccb71/attachment.htm>

More information about the debian-security-tracker-commits mailing list