[Git][security-tracker-team/security-tracker][master] 2 commits: Retriage CVE-2024-21633/apktool for bullseye LTS.
Chris Lamb (@lamby)
lamby at debian.org
Mon Sep 23 19:02:30 BST 2024
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
82e14f5c by Chris Lamb at 2024-09-23T11:00:36-07:00
Retriage CVE-2024-21633/apktool for bullseye LTS.
- - - - -
a323d320 by Chris Lamb at 2024-09-23T11:01:50-07:00
Retriage CVE-2024-6126/cockpit for bullseye LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18747,7 +18747,7 @@ CVE-2024-6426 (Information exposure vulnerability in MESbook 20221021.03 version
CVE-2024-6126 (A flaw was found in the cockpit package. This flaw allows an authentic ...)
- cockpit 320-1
[bookworm] - cockpit 287.1-0+deb12u3
- [bullseye] - cockpit <no-dsa> (Minor issue)
+ [bullseye] - cockpit <postponed> (Minor issue)
NOTE: Fixed by: https://github.com/cockpit-project/cockpit/commit/08965365ac311f906a520cbf65427742d5f84ba4 (320)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2292897
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2290859
@@ -71710,7 +71710,7 @@ CVE-2024-21622 (Craft is a content management system. This is a potential modera
CVE-2024-0217 (A use-after-free flaw was found in PackageKitd. In some conditions, th ...)
- packagekit <unfixed> (bug #1060016)
[bookworm] - packagekit <no-dsa> (Minor issue)
- [bullseye] - packagekit <no-dsa> (Minor issue)
+ [bullseye] - packagekit <postponed> (Minor issue)
[buster] - packagekit <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2256624
NOTE: Reducing impact via: https://github.com/PackageKit/PackageKit/commit/64278c9127e3333342b56ead99556161f7e86f79 (v1.2.7)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3199ba3abcba6b49b5606f19da8fb54d097db8cf...a323d3207153906e77bfab8e1f2839d53894485f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3199ba3abcba6b49b5606f19da8fb54d097db8cf...a323d3207153906e77bfab8e1f2839d53894485f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240923/7fc86c5c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list