[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) Thu, 05 Dec 2024 02:11:51 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d4762c0c by Moritz Muehlenhoff at 2024-12-05T11:11:29+01:00
bookworm triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -527,6 +527,7 @@ CVE-2024-53990 (The AsyncHttpClient (AHC) library allows 
Java applications to ea
        NOTE: 
https://github.com/AsyncHttpClient/async-http-client/commit/d5a83362f7aed81b93ebca559746ac9be0f95425
 (async-http-client-project-3.0.1)
 CVE-2024-53984 (Nanopb is a small code-size Protocol Buffers implementation.  
When the ...)
        - nanopb 0.4.9.1-1 (bug #1088994)
+       [bookworm] - nanopb <no-dsa> (Minor issue)
        NOTE: 
https://github.com/nanopb/nanopb/security/advisories/GHSA-xwqq-qxmw-hj5r
        NOTE: Fixed by: 
https://github.com/nanopb/nanopb/commit/2b86c255aa52250438d5aba124d0e86db495b378
 CVE-2024-53981 (python-multipart is a streaming multipart parser for Python. 
When pars ...)
@@ -7887,6 +7888,7 @@ CVE-2024-48010 (Dell PowerProtect DD, versions prior to 
8.1.0.0, 7.13.1.10, 7.10
        NOT-FOR-US: Dell
 CVE-2024-47072 (XStream is a simple library to serialize objects to XML and 
back again ...)
        - libxstream-java 1.4.21-1 (bug #1087274)
+       [bookworm] - libxstream-java <no-dsa> (Minor issue)
        NOTE: 
https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q
        NOTE: https://x-stream.github.io/CVE-2024-47072.html
 CVE-2024-46961 (The Inshot com.downloader.privatebrowser (aka Video Downloader 
- XDown ...)
@@ -12392,6 +12394,7 @@ CVE-2024-9287 (A vulnerability has been found in the 
CPython `venv` module and C
        - python3.9 <removed>
        - python2.7 <not-affected> (Vulnerable code not present)
        - pypy3 <unfixed>
+       [bookworm] - pypy3 <no-dsa> (Minor issue)
        NOTE: 
https://mail.python.org/archives/list/security-annou...@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/
        NOTE: https://github.com/python/cpython/issues/124651
        NOTE: https://github.com/python/cpython/pull/124712


=====================================
data/dsa-needed.txt
=====================================
@@ -21,6 +21,8 @@ chromium (dilinger)
 frr
   coordination with the maintainer ongoing
 --
+jetty9
+--
 libreswan
   Waiting on feedback from maintainer
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4762c0cc5a596df636a6bfd38db52e4c4b2a61f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d4762c0cc5a596df636a6bfd38db52e4c4b2a61f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bookworm triage

Reply via email to