Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3c8184c6 by Anton Gladky at 2022-10-06T22:28:36+02:00 LTS: triage gajim - - - - - c5768503 by Anton Gladky at 2022-10-06T22:28:38+02:00 Ignore all pluxml issues in buster - - - - - 3ba8c53e by Anton Gladky at 2022-10-06T22:30:34+02:00 LTS: triage joblib - - - - - fe280448 by Anton Gladky at 2022-10-06T22:38:49+02:00 LTS: triage modsecurity-crs - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -480117,8 +480117,10 @@ CVE-2012-4677 (Tunnelblick 3.3beta20 and earlier allows local users to gain priv CVE-2012-4676 (The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and e ...) NOT-FOR-US: Tunnelblick CVE-2012-4675 (Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote ...) + [buster] - pluxml <ignored> Issue is 10 years old. Package exists only in this suite. Popcon: 4 (2022.10.06). - pluxml <undetermined> CVE-2012-4674 (PluXml before 5.1.6 allows remote attackers to obtain the installation ...) + [buster] - pluxml <ignored> Issue is 10 years old. Package exists only in this suite. Popcon: 4 (2022.10.06). - pluxml <undetermined> CVE-2012-4673 (SQL injection vulnerability in application/controllers/invoice.php in ...) NOT-FOR-US: Neoinvoice @@ -558678,6 +558680,7 @@ CVE-2007-3543 (Unrestricted file upload vulnerability in WordPress before 2.2.1 - wordpress 2.2.1-1 [etch] - wordpress <not-affected> (Vulnerable code not present) CVE-2007-3542 (Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0 ...) + [buster] - pluxml <ignored> Issue is 15 years old. Package exists only in this suite. Popcon: 4 (2022.10.06). - pluxml <undetermined> CVE-2007-3541 (Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd 20070408 a ...) NOT-FOR-US: Kurinton sHTTPd @@ -559015,6 +559018,7 @@ CVE-2007-3434 (index.php in Pharmacy System 2 and earlier allows remote attacker CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2 and earl ...) NOT-FOR-US: Pharmacy System CVE-2007-3432 (Unrestricted file upload vulnerability in admin/images.php in Pluxml 0 ...) + [buster] - pluxml <ignored> Issue is 15 years old. Package exists only in this suite. Popcon: 4 (2022.10.06). - pluxml <undetermined> CVE-2007-3431 (PHP remote file inclusion vulnerability in cal.func.php in Valerio Cap ...) NOT-FOR-US: Dagger ===================================== data/dla-needed.txt ===================================== @@ -46,6 +46,9 @@ frr (Thorsten Alteholz) fwupd NOTE: 20221003: Programming language: C++. -- +gajim + NOTE: 20221006: Programming language: Python. +-- gerbv NOTE: 20220923: Programming language: C. -- @@ -76,6 +79,9 @@ imagemagick NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git NOTE: 20220904: Should be synced with Stretch. (apo) -- +joblib + NOTE: 20221006: Programming language: Python. +-- knot-resolver (Chris Lamb) NOTE: 20221003: Programming language: C. -- @@ -96,6 +102,10 @@ man2html mbedtls NOTE: 20220821: Programming language: C. -- +modsecurity-crs + NOTE: 20221006: Programming language: Other. + NOTE: 20221006: Maintainer notes: Please contact maintainer. Consider uploading of newer version. +-- netatalk NOTE: 20220816: Programming language: C. NOTE: 20220912: We get errors in the log, not present on bookworm. Needs more investigation. (stefanor) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0275d7b22983483569b602b2e41e62c16cd16b21...fe280448e1117137cdf8440a17b03b8014989874 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0275d7b22983483569b602b2e41e62c16cd16b21...fe280448e1117137cdf8440a17b03b8014989874 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits