[Git][security-tracker-team/security-tracker][master] Re-triage CVE-2024-58134 for bullseye given new information
Sean Whitton (@spwhitton)
spwhitton at debian.org
Tue May 20 10:11:36 BST 2025
Sean Whitton pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4d41e399 by Sean Whitton at 2025-05-20T10:11:20+01:00
Re-triage CVE-2024-58134 for bullseye given new information
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5326,7 +5326,7 @@ CVE-2024-58135 (Mojolicious versions from 7.28 through 9.40 for Perl may generat
CVE-2024-58134 (Mojolicious versions from 0.999922 through 9.40 for Perl uses a hard c ...)
- libmojolicious-perl <unfixed> (bug #1104648)
[bookworm] - libmojolicious-perl <no-dsa> (Minor issue)
- [bullseye] - libmojolicious-perl <ignored> (Minor issue, upstream's fix requires newer libcryptx-perl)
+ [bullseye] - libmojolicious-perl <postponed> (Minor issue, upstream expects production deployments to reconfigure default session secret)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/29247502/
NOTE: https://github.com/mojolicious/mojo/pull/1791
NOTE: https://github.com/mojolicious/mojo/pull/2200
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d41e399c08ebadf9936b58f999f0262bbd8a022
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4d41e399c08ebadf9936b58f999f0262bbd8a022
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250520/2b5259c3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list