[Git][security-tracker-team/security-tracker][master] Mark libbson-xs-perl as no-dsa for bookworm
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon May 5 06:10:15 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
16042dea by Salvatore Bonaccorso at 2025-05-05T07:09:36+02:00
Mark libbson-xs-perl as no-dsa for bookworm
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16470,6 +16470,7 @@ CVE-2023-47539 (An improper access control vulnerability in FortiMail version 7.
NOT-FOR-US: Fortinet
CVE-2025-0755 (The various bson_appendfunctions in the MongoDB C driver library may b ...)
- libbson-xs-perl <removed>
+ [bookworm] - libbson-xs-perl <no-dsa> (Minor issue)
- mongo-c-driver 1.27.5-1
[bookworm] - mongo-c-driver <no-dsa> (Minor issue; can be fixed via point-release)
NOTE: https://jira.mongodb.org/browse/SERVER-94461
@@ -88671,6 +88672,7 @@ CVE-2024-6461
REJECTED
CVE-2024-6383 (The bson_string_append function in MongoDB C Driver may be vulnerable ...)
- libbson-xs-perl <removed>
+ [bookworm] - libbson-xs-perl <no-dsa> (Minor issue)
- mongo-c-driver 1.27.1-1
[bookworm] - mongo-c-driver <no-dsa> (Minor issue)
[bullseye] - mongo-c-driver <no-dsa> (Minor issue)
@@ -88914,6 +88916,7 @@ CVE-2024-6382 (Incorrect handling of certain string inputs may result in MongoDB
NOT-FOR-US: MongoDB rust driver
CVE-2024-6381 (The bson_strfreev function in the MongoDB C driver library may be susc ...)
- libbson-xs-perl <removed>
+ [bookworm] - libbson-xs-perl <no-dsa> (Minor issue)
- mongo-c-driver 1.26.2-1
[bookworm] - mongo-c-driver <no-dsa> (Minor issue)
[bullseye] - mongo-c-driver <no-dsa> (Minor issue)
@@ -199362,6 +199365,7 @@ CVE-2023-0438 (Cross-Site Request Forgery (CSRF) in GitHub repository modoboa/mo
NOT-FOR-US: Modoboa
CVE-2023-0437 (When calling bson_utf8_validateon some inputs a loop with an exit cond ...)
- libbson-xs-perl <removed>
+ [bookworm] - libbson-xs-perl <no-dsa> (Minor issue)
- mongo-c-driver 1.25.0-1
[bookworm] - mongo-c-driver <no-dsa> (Minor issue)
[bullseye] - mongo-c-driver <no-dsa> (Minor issue)
@@ -506507,6 +506511,7 @@ CVE-2018-16790 (_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as us
- libbson <removed> (bug #913896)
[stretch] - libbson <no-dsa> (Minor issue)
- libbson-xs-perl <removed>
+ [bookworm] - libbson-xs-perl <no-dsa> (Minor issue)
- mongo-c-driver 1.13.0-1 (bug #913963)
NOTE: https://jira.mongodb.org/browse/CDRIVER-2819
NOTE: https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84
@@ -562628,6 +562633,7 @@ CVE-2017-14227 (In MongoDB libbson 1.7.0, the bson_iter_codewscope function in b
- libbson 1.8.0-1 (bug #874754)
[stretch] - libbson <no-dsa> (Minor issue)
- libbson-xs-perl <removed>
+ [bookworm] - libbson-xs-perl <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489355
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489356
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1489362
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16042dea1233e5dfd62fba4bdcb92d10cbe5d918
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16042dea1233e5dfd62fba4bdcb92d10cbe5d918
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250505/aea8ca04/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list