[Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE-2024-23252
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0748ae4c by Salvatore Bonaccorso at 2024-04-10T06:28:05+02:00 Remove notes from now rejected CVE-2024-23252 The reason only mentions that it has been rejected or withdrawn by its CVE Numbering Authority, so without explanation. - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9428,12 +9428,6 @@ CVE-2024-23253 (A permissions issue was addressed with additional restrictions. NOT-FOR-US: Apple CVE-2024-23252 REJECTED - - webkit2gtk 2.44.0-1 - [buster] - webkit2gtk (EOL in buster LTS) - - wpewebkit - [bookworm] - wpewebkit (wpewebkit not covered by security support in Bookworm) - [bullseye] - wpewebkit (wpewebkit >= 2.40 can no longer be sensibly backported) - NOTE: https://webkitgtk.org/security/WSA-2024-0002.html CVE-2024-23250 (An access issue was addressed with improved access restrictions. This ...) NOT-FOR-US: Apple CVE-2024-23249 (The issue was addressed with improved memory handling. This issue is f ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0748ae4cb56e47bd95563d0c3ecf92803804335e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0748ae4cb56e47bd95563d0c3ecf92803804335e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE-2023-4413
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1015d981 by Salvatore Bonaccorso at 2023-10-18T14:29:12+02:00 Remove notes from now rejected CVE-2023-4413 The assinment for rkhunter was bogus and finally rejected an CNA level. - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -,7 +,6 @@ CVE-2023-4414 (A vulnerability was found in Beijing Baichuo Smart S85F Managemen NOT-FOR-US: Beijing Baichuo Smart S85F Management Platform CVE-2023-4413 REJECTED - NOTE: Bogus CVE assignment (bug #1051896) CVE-2023-4412 (A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B2020102 ...) NOT-FOR-US: TOTOLINK CVE-2023-4411 (A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1015d981ca46ec97f173ddece6402bc6e43e668b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1015d981ca46ec97f173ddece6402bc6e43e668b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE CVE-2023-21261
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 960053ad by Salvatore Bonaccorso at 2023-07-27T14:47:36+02:00 Remove notes from now rejected CVE CVE-2023-21261 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -49207,11 +49207,6 @@ CVE-2023-21262 (In startInput of AudioPolicyInterfaceImpl.cpp, there is a possib NOT-FOR-US: Android CVE-2023-21261 REJECTED - NOTE: Duplicate of CVE-2022-27405 and CVE-2022-27406, contacted Google to reject - NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 (VER-2-12-0) - NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2 (VER-2-12-0) - NOTE: https://gitlab.freedesktop.org/freetype/freetype/-/commit/d014387ad4a5dd04d8e7f99587c7dacb70261924 (VER-2-12-0) (seems Google missed that one...) - NOTE: https://android.googlesource.com/platform/external/freetype/+/d45f0e49ab54065eb72d92aa3cc5f2152b0910b7 CVE-2023-21260 (In notification access permission dialog box, malicious application ca ...) NOT-FOR-US: Android CVE-2023-21259 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/960053ad041bd5feded381b7013cc37974f2745d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/960053ad041bd5feded381b7013cc37974f2745d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove notes from now REJECTED CVE
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e77e12b9 by Salvatore Bonaccorso at 2023-07-05T10:41:33+02:00 Remove notes from now REJECTED CVE - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -131,7 +131,6 @@ CVE-2023-36291 (Cross Site Scripting vulnerability in Maxsite CMS v.108.7 allows NOT-FOR-US: Maxsite CMS CVE-2023-36262 REJECTED - NOTE: Bogus report against OBS Studio (src:obs-studio) CVE-2023-36258 (An issue in langchain v.0.0.199 allows an attacker to execute arbitrar ...) NOT-FOR-US: Langchain CVE-2023-36223 (Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and be ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e77e12b956d45d7da80c4c03e639b2174f7c4338 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e77e12b956d45d7da80c4c03e639b2174f7c4338 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE (former usememos)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 6afe13cc by Salvatore Bonaccorso at 2022-12-29T09:16:17+01:00 Remove notes from now rejected CVE (former usememos) - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1052,7 +1052,6 @@ CVE-2022-4686 (Improper Authentication in GitHub repository usememos/memos prior NOT-FOR-US: usememos CVE-2022-4685 REJECTED - NOT-FOR-US: usememos CVE-2022-4684 (Improper Access Control in GitHub repository usememos/memos prior to 0 ...) NOT-FOR-US: usememos CVE-2022-4683 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6afe13cc8d3ce861e10945af52c11f54ebb04151 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6afe13cc8d3ce861e10945af52c11f54ebb04151 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE-2022-24304 (duplicate of CVE-2022-2564)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b5b3a02e by Salvatore Bonaccorso at 2022-09-20T22:44:58+02:00 Remove notes from now rejected CVE-2022-24304 (duplicate of CVE-2022-2564) - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -46359,7 +46359,6 @@ CVE-2022-24305 (Zoho ManageEngine SharePoint Manager Plus before 4329 is vulnera NOT-FOR-US: Zoho ManageEngine CVE-2022-24304 REJECTED - NOT-FOR-US: Mongoose CVE-2022-24303 (Pillow before 9.0.1 allows attackers to delete files because spaces in ...) - pillow 9.0.1-1 [bullseye] - pillow (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5b3a02ecb1daf562788e64ed4352a19dbb7090d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5b3a02ecb1daf562788e64ed4352a19dbb7090d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE-2021-20242
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 39c1a437 by Salvatore Bonaccorso at 2021-02-23T21:12:54+01:00 Remove notes from now rejected CVE-2021-20242 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -17700,7 +17700,6 @@ CVE-2021-20243 [Division by zero in GetResizeFilterWeight in MagickCore/resize.c TODO: check CVE-2021-20242 REJECTED - NOTE: Duplicate of CVE-2021-20176, pending rejection of assigning CNA CVE-2021-20241 [Division by zero in WriteJP2Image() in coders/jp2.c] RESERVED - imagemagick View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39c1a437fb05710702a23aa9c12d44e85574237a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39c1a437fb05710702a23aa9c12d44e85574237a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
