Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e61d238a by Salvatore Bonaccorso at 2024-08-23T21:25:11+02:00 Track cacti update which is proposed via bookworm point release - - - - - 2 changed files: - data/CVE/list - data/next-point-update.txt Changes: ===================================== data/CVE/list ===================================== @@ -29637,6 +29637,7 @@ CVE-2024-34353 (The matrix-sdk-crypto crate, part of the Matrix Rust SDK project NOT-FOR-US: matrix-sdk-crypto Rust crate CVE-2024-34340 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m NOTE: Included in commit: https://github.com/Cacti/cacti/commit/6183961089980322dfd9fd8011ade0f41703eaea CVE-2024-34231 (A cross-site scripting (XSS) vulnerability in Sourcecodester Laborator ...) @@ -29675,26 +29676,32 @@ CVE-2024-31771 (Insecure Permission vulnerability in TotalAV v.6.0.740 allows a NOT-FOR-US: TotalAV CVE-2024-31460 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r NOTE: https://github.com/Cacti/cacti/commit/8b516cb9a73322ad532231e74000c2ee097b495e CVE-2024-31459 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv NOTE: https://github.com/Cacti/cacti/commit/96d9a4c60693d87ba0e347f1c7d33047b4effc61 CVE-2024-31458 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x NOTE: https://github.com/Cacti/cacti/commit/9e87882007b6091171d1a4786f0de4ae20efef7b CVE-2024-31445 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc NOTE: https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886 CVE-2024-31444 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87 NOTE: https://github.com/Cacti/cacti/commit/86d614c38c54e0ce58774d86617ecfbb853fb57b CVE-2024-31443 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3 NOTE: https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf CVE-2024-31377 (Unrestricted Upload of File with Dangerous Type vulnerability in J.N. ...) @@ -29721,6 +29728,7 @@ CVE-2024-29895 (Cacti provides an operational monitoring and fault management fr NOTE: But fix reverted again: https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc CVE-2024-29894 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh NOTE: Fixed by: https://github.com/Cacti/cacti/commit/9c75f8da5b609d17c8c031fd46362f730358b792 (1.2.27) NOTE: Follow-up fix: https://github.com/Cacti/cacti/commit/6a82fa1abe81d96238a87727087572ff749d0a8d (1.2.x) @@ -29744,6 +29752,7 @@ CVE-2024-28276 (Sourcecodester School Task Manager 1.0 is vulnerable to Cross Si NOT-FOR-US: Sourcecodester School Task Manager CVE-2024-27082 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Minor issue) NOTE: GitHub GHSA: https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h NOTE: bug: https://github.com/Cacti/cacti/issues/5798 NOTE: Commit [1/6] https://github.com/Cacti/cacti/commit/58a980f335980ab57659420053d89d4e721ae3fc @@ -29756,6 +29765,7 @@ CVE-2024-25662 (Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusio NOT-FOR-US: Oxygen XML Web Author and Oxygen Content Fusion CVE-2024-25641 (Cacti provides an operational monitoring and fault management framewor ...) - cacti 1.2.27+ds1-1 + [bookworm] - cacti <no-dsa> (Will be fixed via point release) NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-7cmj-g5qc-pj88 NOTE: https://github.com/Cacti/cacti/commit/eff35b0ff26cc27c82d7880469ed6d5e3bef6210 NOTE: https://github.com/Cacti/cacti/commit/624673fd417a920adbbfb4b6d6eb7ddb35a9f891 (release/1.2.27) ===================================== data/next-point-update.txt ===================================== @@ -120,3 +120,21 @@ CVE-2024-6782 [bookworm] - calibre 6.13.0+repack-2+deb12u4 CVE-2024-7264 [bookworm] - curl 7.88.1-10+deb12u7 +CVE-2024-25641 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-29894 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-31443 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-31444 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-31445 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-31458 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-31459 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-31460 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 +CVE-2024-34340 + [bookworm] - cacti 1.2.24+ds1-1+deb12u3 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e61d238a27727bae494ed5fec7c1deae871afa2b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e61d238a27727bae494ed5fec7c1deae871afa2b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits