[Git][security-tracker-team/security-tracker][master] Ignore CVE-2022-35409 for bullseye

Fri May 2 14:35:40 BST 2025


Andrej Shadura pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6607cbf by Andrej Shadura at 2025-05-02T15:35:02+02:00
Ignore CVE-2022-35409 for bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -245874,7 +245874,7 @@ CVE-2022-35410 (mat2 (aka metadata anonymisation toolkit) before 0.13.0 allows .
 CVE-2022-35409 (An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0 ...)
 	{DLA-3249-1}
 	- mbedtls 2.28.1-1
-	[bullseye] - mbedtls <no-dsa> (Minor issue)
+	[bullseye] - mbedtls <ignored> (Fix depends on functionality too intrusive to backport)
 	NOTE: https://github.com/Mbed-TLS/mbedtls-docs/blob/5e9790353d2d9e41e85262eebe52fd90bb49f1e0/security-advisories/advisories/mbedtls-security-advisory-2022-07.md
 	NOTE: https://github.com/Mbed-TLS/mbedtls/commit/f333dfab4a6c2d8a604a61558a8f783145161de4 (v2.28.1)
 	NOTE: https://github.com/Mbed-TLS/mbedtls/commit/e5af9fabf7d68e3807b6ea78792794b8352dbba2 (v2.28.1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6607cbf39da96bc853dfe63d7201fe1f94b2cb4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6607cbf39da96bc853dfe63d7201fe1f94b2cb4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250502/bce831db/attachment.htm>
