[Git][security-tracker-team/security-tracker][master] mark vte/CVE-2024-37535 as unimportant

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Sep 27 14:36:02 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
beff5abe by Moritz Muehlenhoff at 2024-09-27T15:35:41+02:00
mark vte/CVE-2024-37535 as unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26404,10 +26404,7 @@ CVE-2023-45188 (IBM Engineering Lifecycle Optimization Publishing 7.0.2 and 7.03
 CVE-2023-34003 (Missing Authorization vulnerability in Woo WooCommerce Box Office.This ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-37535 (GNOME VTE before 0.76.3 allows an attacker to cause a denial of servic ...)
-	- vte <unfixed> (bug #1081907)
-	[bookworm] - vte <no-dsa> (Minor issue)
-	[bullseye] - vte <no-dsa> (Minor issue)
-	[buster] - vte <postponed> (Minor issue)
+	- vte <unfixed> (unimportant; bug #1081907)
 	[experimental] - vte2.91 0.76.3-1
 	- vte2.91 0.76.3-6
 	[bookworm] - vte2.91 <no-dsa> (Minor issue)
@@ -26419,6 +26416,7 @@ CVE-2024-37535 (GNOME VTE before 0.76.3 allows an attacker to cause a denial of
 	NOTE: https://gitlab.gnome.org/GNOME/vte/-/commit/1803ba866053a3d7840892b9d31fe2944a183eda (master)
 	NOTE: https://gitlab.gnome.org/GNOME/vte/-/commit/036bc3ddcbb56f05c6ca76712a53b89dee1369e2 (0.76.3)
 	NOTE: https://gitlab.gnome.org/GNOME/vte/-/commit/c313849c2e5133802e21b13fa0b141b360171d39 (0.76.3)
+	NOTE: The legacy src:vte is only used in d-i without security implications
 CVE-2024-5775 (A vulnerability was found in SourceCodester Vehicle Management System  ...)
 	NOT-FOR-US: SourceCodester Vehicle Management System
 CVE-2024-5774 (A vulnerability has been found in SourceCodester Stock Management Syst ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/beff5abe0b39fdbef3c07de7df1840316787808a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/beff5abe0b39fdbef3c07de7df1840316787808a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240927/339af3a2/attachment.htm>

More information about the debian-security-tracker-commits mailing list