[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) Thu, 17 Oct 2024 00:54:00 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
63f3ffef by Moritz Mühlenhoff at 2024-10-16T18:21:09+02:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2029,6 +2029,7 @@ CVE-2024-27457 (Improper check for unusual or exceptional 
conditions in Intel(R)
        NOT-FOR-US: Intel
 CVE-2024-25885 (An issue in the getcolor function in utils.py of xhtml2pdf 
v0.2.13 all ...)
        - xhtml2pdf <unfixed> (bug #1084986)
+       [bookworm] - xhtml2pdf <no-dsa> (Minor issue)
        NOTE: 
https://gist.github.com/salvatore-abello/c88dd0027496774023ef36c7b576d206
 CVE-2024-25825 (FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS 
for You 1 ...)
        NOT-FOR-US: FydeOS
@@ -2050,6 +2051,7 @@ CVE-2023-52952 (A vulnerability has been identified in 
HiMed Cockpit 12 pro (J31
        NOT-FOR-US: Siemens
 CVE-2024-28168 (Improper Restriction of XML External Entity Reference ('XXE') 
vulnerab ...)
        - fop <unfixed> (bug #1084985)
+       [bookworm] - fop <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2024/10/09/1
        NOTE: https://issues.apache.org/jira/browse/FOP-3168
        NOTE: 
https://github.com/apache/xmlgraphics-fop/commit/d96ba9a11710d02716b6f4f6107ebfa9ccec7134
 (2_10)
@@ -9185,6 +9187,7 @@ CVE-2024-20439 (A vulnerability in Cisco Smart Licensing 
Utility could allow an
        NOT-FOR-US: Cisco
 CVE-2024-44082 (In OpenStack Ironic before 26.0.1 and ironic-python-agent 
before 9.13. ...)
        - ironic 1:26.1.0-1
+       [bookworm] - ironic <no-dsa> (Minor issue)
        - ironic-python-agent 9.14.0-1
        NOTE: https://www.openwall.com/lists/oss-security/2024/09/04/4
        NOTE: https://bugs.launchpad.net/ironic/+bug/2071740


=====================================
data/dsa-needed.txt
=====================================
@@ -26,6 +26,8 @@ linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more 6.1.y versions
 --
+openjdk-17 (jmm)
+--
 opennds
   pinged maintainer, but no reply yet. should most probably be bumped to 10.x
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63f3ffef71bf21f95979bb533e4c945d90f92e88

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63f3ffef71bf21f95979bb533e4c945d90f92e88
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bookworm triage

Reply via email to