Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a1428f52 by Moritz Muehlenhoff at 2024-02-16T12:44:28+01:00
new azure-uamqp-python issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -952,7 +952,9 @@ CVE-2024-25112 (Exiv2 is a command-line utility and C++
library for reading, wri
NOTE: Fixed by:
https://github.com/Exiv2/exiv2/commit/355afea485550e8214ac6b449fb210a7efb71365
(v0.28.2)
TODO: unclear range of affected versions: while the report claims it is
new in v0.28.0 the QuickTimeVideo::multipleEntriesDecoder is present earlier
CVE-2024-25110 (The UAMQP is a general purpose C library for AMQP 1.0. During
a call t ...)
- TODO: check
+ - azure-uamqp-python <unfixed>
+ NOTE:
https://github.com/Azure/azure-uamqp-c/commit/30865c9ccedaa32ddb036e87a8ebb52c3f18f695
+ NOTE:
https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-c646-4whf-r67v
CVE-2024-25108 (Pixelfed is an open source photo sharing platform. When
processing req ...)
NOT-FOR-US: Pixelfed
CVE-2024-24935 (Cross-Site Request Forgery (CSRF) vulnerability in
WpSimpleTools Basic ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1428f529aafad4e6a977d3c50d1513ce06e89db
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1428f529aafad4e6a977d3c50d1513ce06e89db
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
