[Git][security-tracker-team/security-tracker][master] LTS: sync triage of CVE-2024-52046 and drop mina2 from dla-needed.txt (only 2 postponed CVEs)

Roberto C. Sánchez (@roberto) roberto at debian.org
Wed Jun 25 19:01:39 BST 2025 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f8e07cc2 by Roberto C. Sánchez at 2025-06-25T14:01:07-04:00
LTS: sync triage of CVE-2024-52046 and drop mina2 from dla-needed.txt (only 2 postponed CVEs)

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -59598,6 +59598,7 @@ CVE-2024-52046 (The ObjectSerializationDecoder in Apache MINA uses Java\u2019s n
 	[bullseye] - mina <postponed> (Minor issue; need specific conditions)
 	- mina2 <unfixed> (bug #1091530)
 	[bookworm] - mina2 <no-dsa> (Minor issue)
+	[bullseye] - mina2 <postponed> (Minor issue; need specific conditions)
 	NOTE: https://lists.apache.org/thread/4wxktgjpggdbto15d515wdctohb0qmv8
 	NOTE: https://github.com/apache/mina/commit/f9cc5ada6ebef4ee7cc51aac824e42e2e422310e (2.2.4)
 	NOTE: https://github.com/apache/mina/commit/cdb59eb6131696a440870ab89ad0e20804eb5ca7 (2.1.10)


=====================================
data/dla-needed.txt
=====================================
@@ -216,11 +216,6 @@ mediawiki
 mimetex
   NOTE: 20250422: Added by Front-Desk (rouca)
 --
-mina2
-  NOTE: 20250111: Added by Front-Desk (ta)
-  NOTE: 20250114: Patches for CVE-2024-52046 https://github.com/apache/mina/commit/f9cc5ada6ebef4ee7cc51aac824e42e2e422310e (2.2.4) and ... (dleidert)
-  NOTE: 20250114: ... https://github.com/apache/mina/commit/cdb59eb6131696a440870ab89ad0e20804eb5ca7 (2.1.10) (dleidert)
---
 nagvis
   NOTE: 20250117: Added by Front-Desk (rouca)
   NOTE: 20250119: Also check/fix https://bugs.debian.org/1061044



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8e07cc2f1227e0ddce37e6f4829b67f948bed5d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8e07cc2f1227e0ddce37e6f4829b67f948bed5d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250625/2998898f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list