Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: f588885f by Markus Koschany at 2025-03-26T13:28:17+01:00 CVE-2025-30258,gnupg2: bullseye is postponed Minor issue. - - - - - 604c5531 by Markus Koschany at 2025-03-26T13:28:18+01:00 CVE-2024-9880,pandas: bullseye is ignored According to the panda developers the query function works as intended. https://github.com/pandas-dev/pandas/issues/60602 Not a security problem - - - - - b66327b2 by Markus Koschany at 2025-03-26T13:28:51+01:00 CVE-2022-49737,xorg-server: bullseye is postponed Minor issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1103,6 +1103,7 @@ CVE-2024-9900 (mudler/localai version v2.21.1 contains a Cross-Site Scripting (X CVE-2024-9880 (A command injection vulnerability exists in the `pandas.DataFrame.quer ...) - pandas <unfixed> [bookworm] - pandas <no-dsa> (Minor issue) + [bullseye] - pandas <ignored> (Minor issue) NOTE: https://huntr.com/bounties/a49baae1-4652-4d6c-a179-313c21c41a8d CVE-2024-9847 (FlatPress CMS version latest is vulnerable to Cross-Site Request Forge ...) - flatpress <itp> (bug #466297) @@ -1803,6 +1804,7 @@ CVE-2024-12016 (Improper Neutralization of Special Elements used in an SQL Comma CVE-2025-30258 (In GnuPG before 2.5.5, if a user chooses to import a certificate with ...) - gnupg2 2.2.46-5 (bug #1100990) [bookworm] - gnupg2 <no-dsa> (Minor issue) + [bullseye] - gnupg2 <postponed> (Minor issue) NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2025q1/000491.html NOTE: https://dev.gnupg.org/T7527 NOTE: https://gitlab.com/freepg/gnupg/-/merge_requests/18 @@ -2588,6 +2590,7 @@ CVE-2024-13126 (The Download Manager WordPress plugin before 3.3.07 doesn't prev CVE-2022-49737 (In X.Org X server 20.11 through 21.1.16, when a client application use ...) - xorg-server <unfixed> (bug #1081338) [bookworm] - xorg-server <postponed> (Minor issue, can be fixed along in future DSA) + [bullseye] - xorg-server <postponed> (Minor issue) NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1260 NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/dc7cb45482cea6ccec22d117ca0b489500b4d0a0 CVE-2025-2333 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f736483264955217b2bdca44c4cfe9d9f5f6f898...b66327b2abebb7b4c6abff779be754f428f71ec5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f736483264955217b2bdca44c4cfe9d9f5f6f898...b66327b2abebb7b4c6abff779be754f428f71ec5 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
