[Git][security-tracker-team/security-tracker][master] Track cacti update which is proposed via bookworm point release

Salvatore Bonaccorso (@carnil) Fri, 23 Aug 2024 12:26:56 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e61d238a by Salvatore Bonaccorso at 2024-08-23T21:25:11+02:00
Track cacti update which is proposed via bookworm point release

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -29637,6 +29637,7 @@ CVE-2024-34353 (The matrix-sdk-crypto crate, part of 
the Matrix Rust SDK project
        NOT-FOR-US: matrix-sdk-crypto Rust crate
 CVE-2024-34340 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m
        NOTE: Included in commit: 
https://github.com/Cacti/cacti/commit/6183961089980322dfd9fd8011ade0f41703eaea
 CVE-2024-34231 (A cross-site scripting (XSS) vulnerability in Sourcecodester 
Laborator ...)
@@ -29675,26 +29676,32 @@ CVE-2024-31771 (Insecure Permission vulnerability in 
TotalAV v.6.0.740 allows a
        NOT-FOR-US: TotalAV
 CVE-2024-31460 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r
        NOTE: 
https://github.com/Cacti/cacti/commit/8b516cb9a73322ad532231e74000c2ee097b495e
 CVE-2024-31459 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv
        NOTE: 
https://github.com/Cacti/cacti/commit/96d9a4c60693d87ba0e347f1c7d33047b4effc61
 CVE-2024-31458 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x
        NOTE: 
https://github.com/Cacti/cacti/commit/9e87882007b6091171d1a4786f0de4ae20efef7b
 CVE-2024-31445 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc
        NOTE: 
https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886
 CVE-2024-31444 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87
        NOTE: 
https://github.com/Cacti/cacti/commit/86d614c38c54e0ce58774d86617ecfbb853fb57b
 CVE-2024-31443 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3
        NOTE: 
https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf
 CVE-2024-31377 (Unrestricted Upload of File with Dangerous Type vulnerability 
in J.N.  ...)
@@ -29721,6 +29728,7 @@ CVE-2024-29895 (Cacti provides an operational 
monitoring and fault management fr
        NOTE: But fix reverted again: 
https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc
 CVE-2024-29894 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh
        NOTE: Fixed by: 
https://github.com/Cacti/cacti/commit/9c75f8da5b609d17c8c031fd46362f730358b792 
(1.2.27)
        NOTE: Follow-up fix: 
https://github.com/Cacti/cacti/commit/6a82fa1abe81d96238a87727087572ff749d0a8d 
(1.2.x)
@@ -29744,6 +29752,7 @@ CVE-2024-28276 (Sourcecodester School Task Manager 1.0 
is vulnerable to Cross Si
        NOT-FOR-US: Sourcecodester School Task Manager
 CVE-2024-27082 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Minor issue)
        NOTE: GitHub GHSA: 
https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h
        NOTE: bug: https://github.com/Cacti/cacti/issues/5798
        NOTE: Commit [1/6] 
https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc
@@ -29756,6 +29765,7 @@ CVE-2024-25662 (Oxygen XML Web Author v26.0.0 and older 
and Oxygen Content Fusio
        NOT-FOR-US: Oxygen XML Web Author and Oxygen Content Fusion
 CVE-2024-25641 (Cacti provides an operational monitoring and fault management 
framewor ...)
        - cacti 1.2.27+ds1-1
+       [bookworm] - cacti <no-dsa> (Will be fixed via point release)
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88
        NOTE: 
https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210
        NOTE: 
https://github.com/Cacti/cacti/commit/624673fd417a920adbbfb4b6d6eb7ddb35a9f891 
(release/1.2.27)


=====================================
data/next-point-update.txt
=====================================
@@ -120,3 +120,21 @@ CVE-2024-6782
        [bookworm] - calibre 6.13.0+repack-2+deb12u4
 CVE-2024-7264
        [bookworm] - curl 7.88.1-10+deb12u7
+CVE-2024-25641
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-29894
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-31443
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-31444
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-31445
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-31458
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-31459
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-31460
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3
+CVE-2024-34340
+       [bookworm] - cacti 1.2.24+ds1-1+deb12u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e61d238a27727bae494ed5fec7c1deae871afa2b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e61d238a27727bae494ed5fec7c1deae871afa2b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track cacti update which is proposed via bookworm point release

Reply via email to