[Git][security-tracker-team/security-tracker][master] Reserve DSA number for cacti update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 10 15:46:42 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a37abcf2 by Salvatore Bonaccorso at 2025-02-10T16:46:06+01:00
Reserve DSA number for cacti update
- - - - -
3 changed files:
- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -75800,7 +75800,6 @@ CVE-2024-28276 (Sourcecodester School Task Manager 1.0 is vulnerable to Cross Si
NOT-FOR-US: Sourcecodester School Task Manager
CVE-2024-27082 (Cacti provides an operational monitoring and fault management framewor ...)
- cacti 1.2.27+ds1-1
- [bookworm] - cacti <no-dsa> (Minor issue)
[bullseye] - cacti <not-affected> (Vulnerable code not present)
NOTE: GitHub GHSA: https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h
NOTE: bug: https://github.com/Cacti/cacti/issues/5798
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[10 Feb 2025] DSA-5862-1 cacti - security update
+ {CVE-2024-27082 CVE-2024-43362 CVE-2024-43363 CVE-2024-43364 CVE-2024-43365 CVE-2024-45598 CVE-2024-54145 CVE-2025-22604 CVE-2025-24367 CVE-2025-24368}
+ [bookworm] - cacti 1.2.24+ds1-1+deb12u5
[07 Feb 2025] DSA-5861-1 thunderbird - security update
{CVE-2024-11704 CVE-2025-0510 CVE-2025-1009 CVE-2025-1010 CVE-2025-1011 CVE-2025-1012 CVE-2025-1013 CVE-2025-1014 CVE-2025-1015 CVE-2025-1016 CVE-2025-1017}
[bookworm] - thunderbird 1:128.7.0esr-1~deb12u1
=====================================
data/dsa-needed.txt
=====================================
@@ -11,10 +11,6 @@ To pick an issue, simply add your uid behind it.
If needed, specify the release by adding a slash after the name of the source package.
---
-cacti
- Bastien (rouca) proposed to help out on the cacti DSA while working on the DLA for LTS
- WIP for review: https://salsa.debian.org/debian/cacti/-/tree/bookworm?ref_type=heads
--
fort-validator
probably best to bump bookworm to current upstream
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a37abcf2c57f2e71b7addfcb00472b9e3135ca54
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a37abcf2c57f2e71b7addfcb00472b9e3135ca54
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250210/21eb16d1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list