[Git][security-tracker-team/security-tracker][master] 2 commits: Track removal of liboqs from unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 15 19:35:43 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5f90c445 by Salvatore Bonaccorso at 2025-04-15T20:34:55+02:00
Track removal of liboqs from unstable
- - - - -
bf1e8107 by Salvatore Bonaccorso at 2025-04-15T20:35:20+02:00
Track removal of liboqs from all supported suites
- - - - -
2 changed files:
- data/CVE/list
- data/packages/removed-packages
Changes:
=====================================
data/CVE/list
=====================================
@@ -41248,7 +41248,7 @@ CVE-2024-54143 (openwrt/asu is an image on demand server for OpenWrt based distr
CVE-2024-54141 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, ...)
NOT-FOR-US: phpMyFAQ
CVE-2024-54137 (liboqs is a C-language cryptographic library that provides implementat ...)
- - liboqs <unfixed> (bug #1089185)
+ - liboqs <removed> (bug #1089185)
NOTE: https://github.com/open-quantum-safe/liboqs/security/advisories/GHSA-gpf4-vrrw-r8v7
NOTE: Fixed by: https://github.com/open-quantum-safe/liboqs/commit/cce1bfde4e52c524b087b9687020d283fbde0f24 (0.12.0-rc1)
CVE-2024-54136 (ClipBucket V5 provides open source video hosting with PHP. ClipBucket- ...)
@@ -88418,7 +88418,7 @@ CVE-2024-36407 (SuiteCRM is an open-source Customer Relationship Management (CRM
CVE-2024-36406 (SuiteCRM is an open-source Customer Relationship Management (CRM) soft ...)
NOT-FOR-US: SuiteCRM
CVE-2024-36405 (liboqs is a C-language cryptographic library that provides implementat ...)
- - liboqs <unfixed> (bug #1073250)
+ - liboqs <removed> (bug #1073250)
NOTE: https://github.com/open-quantum-safe/liboqs/security/advisories/GHSA-f2v9-5498-2vpp
NOTE: https://github.com/open-quantum-safe/liboqs/commit/982c762c242ef549c914891b47bf6e0ed6321f91 (main)
NOTE: https://github.com/open-quantum-safe/liboqs/commit/fbfac754585d788c19b49cac569e4e2ea182f579 (0.10.1-rc1)
@@ -92100,7 +92100,7 @@ CVE-2024-33470 (An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4
CVE-2024-33427
REJECTED
CVE-2024-31510 (An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker t ...)
- - liboqs <unfixed> (bug #1072118)
+ - liboqs <removed> (bug #1072118)
NOTE: https://github.com/liang-junkai/Fault-injection-of-ML-DSA
CVE-2024-22588 (Kwik commit 745fd4e2 does not discard unused encryption keys.)
NOT-FOR-US: Kwik
=====================================
data/packages/removed-packages
=====================================
@@ -1075,3 +1075,4 @@ flask-appbuilder
zeek
postgresql-16
ruby3.2
+liboqs
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a9dda5b1d7ffa311d1c91c962f3162017f4ecbbd...bf1e8107b53f5f1b9d2329b198c3a541e53c620a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a9dda5b1d7ffa311d1c91c962f3162017f4ecbbd...bf1e8107b53f5f1b9d2329b198c3a541e53c620a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250415/60aac365/attachment.htm>
More information about the debian-security-tracker-commits
mailing list