Anton Gladky pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3c8184c6 by Anton Gladky at 2022-10-06T22:28:36+02:00
LTS: triage gajim
- - - - -
c5768503 by Anton Gladky at 2022-10-06T22:28:38+02:00
Ignore all pluxml issues in buster
- - - - -
3ba8c53e by Anton Gladky at 2022-10-06T22:30:34+02:00
LTS: triage joblib
- - - - -
fe280448 by Anton Gladky at 2022-10-06T22:38:49+02:00
LTS: triage modsecurity-crs
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -480117,8 +480117,10 @@ CVE-2012-4677 (Tunnelblick 3.3beta20 and earlier
allows local users to gain priv
CVE-2012-4676 (The errorExitIfAttackViaString function in Tunnelblick
3.3beta20 and e ...)
NOT-FOR-US: Tunnelblick
CVE-2012-4675 (Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows
remote ...)
+ [buster] - pluxml <ignored> Issue is 10 years old. Package exists only
in this suite. Popcon: 4 (2022.10.06).
- pluxml <undetermined>
CVE-2012-4674 (PluXml before 5.1.6 allows remote attackers to obtain the
installation ...)
+ [buster] - pluxml <ignored> Issue is 10 years old. Package exists only
in this suite. Popcon: 4 (2022.10.06).
- pluxml <undetermined>
CVE-2012-4673 (SQL injection vulnerability in
application/controllers/invoice.php in ...)
NOT-FOR-US: Neoinvoice
@@ -558678,6 +558680,7 @@ CVE-2007-3543 (Unrestricted file upload vulnerability
in WordPress before 2.2.1
- wordpress 2.2.1-1
[etch] - wordpress <not-affected> (Vulnerable code not present)
CVE-2007-3542 (Cross-site scripting (XSS) vulnerability in admin/auth.php in
Pluxml 0 ...)
+ [buster] - pluxml <ignored> Issue is 15 years old. Package exists only
in this suite. Popcon: 4 (2022.10.06).
- pluxml <undetermined>
CVE-2007-3541 (Cross-site scripting (XSS) vulnerability in Kurinton sHTTPd
20070408 a ...)
NOT-FOR-US: Kurinton sHTTPd
@@ -559015,6 +559018,7 @@ CVE-2007-3434 (index.php in Pharmacy System 2 and
earlier allows remote attacker
CVE-2007-3433 (SQL injection vulnerability in index.php in Pharmacy System 2
and earl ...)
NOT-FOR-US: Pharmacy System
CVE-2007-3432 (Unrestricted file upload vulnerability in admin/images.php in
Pluxml 0 ...)
+ [buster] - pluxml <ignored> Issue is 15 years old. Package exists only
in this suite. Popcon: 4 (2022.10.06).
- pluxml <undetermined>
CVE-2007-3431 (PHP remote file inclusion vulnerability in cal.func.php in
Valerio Cap ...)
NOT-FOR-US: Dagger
=====================================
data/dla-needed.txt
=====================================
@@ -46,6 +46,9 @@ frr (Thorsten Alteholz)
fwupd
NOTE: 20221003: Programming language: C++.
--
+gajim
+ NOTE: 20221006: Programming language: Python.
+--
gerbv
NOTE: 20220923: Programming language: C.
--
@@ -76,6 +79,9 @@ imagemagick
NOTE: 20220904: VCS:
https://salsa.debian.org/lts-team/packages/imagemagick.git
NOTE: 20220904: Should be synced with Stretch. (apo)
--
+joblib
+ NOTE: 20221006: Programming language: Python.
+--
knot-resolver (Chris Lamb)
NOTE: 20221003: Programming language: C.
--
@@ -96,6 +102,10 @@ man2html
mbedtls
NOTE: 20220821: Programming language: C.
--
+modsecurity-crs
+ NOTE: 20221006: Programming language: Other.
+ NOTE: 20221006: Maintainer notes: Please contact maintainer. Consider
uploading of newer version.
+--
netatalk
NOTE: 20220816: Programming language: C.
NOTE: 20220912: We get errors in the log, not present on bookworm. Needs
more investigation. (stefanor)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0275d7b22983483569b602b2e41e62c16cd16b21...fe280448e1117137cdf8440a17b03b8014989874
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0275d7b22983483569b602b2e41e62c16cd16b21...fe280448e1117137cdf8440a17b03b8014989874
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
