[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2024-52948 in lemonldap-ng for bullseye LTS.
Chris Lamb (@lamby)
lamby at debian.org
Thu Jan 23 11:21:19 GMT 2025
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d7a3089b by Chris Lamb at 2025-01-23T11:20:25+00:00
Triage CVE-2024-52948 in lemonldap-ng for bullseye LTS.
- - - - -
130723e1 by Chris Lamb at 2025-01-23T11:20:52+00:00
Triage CVE-2025-23050 in qtconnectivity-opensource-src for bullseye LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65,6 +65,7 @@ CVE-2025-23050
[bookworm] - qt6-connectivity <no-dsa> (Minor issue)
- qtconnectivity-opensource-src <unfixed>
[bookworm] - qtconnectivity-opensource-src <no-dsa> (Minor issue)
+ [bullseye] - qtconnectivity-opensource-src <postponed> (Minor issue; can be fixed in next update)
NOTE: https://www.qt.io/blog/security-advisory-qlowenergycontroller-on-linux
NOTE: https://github.com/qt/qtconnectivity/commit/aecbd657c841a2a8c74631ceac96b8ff1f03ab5c (dev)
NOTE: https://qt-mirror.dannhauer.de/archive/qt/5.15/CVE-2025-23050-qtconnectivity-5.15.diff
@@ -378,6 +379,7 @@ CVE-2023-36998 (The NextEPC MME <= 1.0.1 (fixed in commit a8492c9c5bc0a66c6999cb
CVE-2024-52948 [CSRF on 2FA registration]
- lemonldap-ng 2.20.2+ds-1
[bookworm] - lemonldap-ng <no-dsa> (Will be fixed via point update)
+ [bullseye] - lemonldap-ng <postponed> (Minor issue; can be fixed in next update)
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3258
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/0e69ee17ee7e78569a6f7a3c859105e958d374d4
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/d65bd9cb8e9a620f71214d87e937747d7b415999
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22c5dd6b2b766f82203d07b38722dc40544e5505...130723e162b3670ce0c6e7cc6f27f570bc858827
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/22c5dd6b2b766f82203d07b38722dc40544e5505...130723e162b3670ce0c6e7cc6f27f570bc858827
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250123/79412018/attachment.htm>
More information about the debian-security-tracker-commits
mailing list