Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 664b6d92 by Salvatore Bonaccorso at 2024-02-16T21:32:04+01:00 Integrate updates for CVE-2024-25580 As suggested by James Addison add a reference to the blog entry for CVE-2024-25580 and while at it update the status for buster as reported. Link: https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/165 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -57,11 +57,13 @@ CVE-2024-25580 [QT KTX buffer overflow] [experimental] - qt6-base 6.6.2+dfsg-1 - qt6-base <unfixed> (bug #1064052) - qtbase-opensource-src <unfixed> (bug #1064053) + [buster] - qtbase-opensource-src <not-affected> (Vulnerable code not present) - qtbase-opensource-src-gles <unfixed> (bug #1064054) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2264423 NOTE: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=28ecb523ce8490bff38b251b3df703c72e057519 NOTE: https://code.qt.io/cgit/qt/qtbase.git/commit/?id=dec1863c7dc63e5788b0c6c061d36e856a6ae2b2 (v6.6.2) NOTE: https://download.qt.io/official_releases/qt/5.15/CVE-2024-25580-qtbase-5.15.diff + NOTE: https://www.qt.io/blog/security-advisory-potential-buffer-overflow-when-reading-ktx-images CVE-2024-25415 (A remote code execution (RCE) vulnerability in /admin/define_language. ...) NOT-FOR-US: CE Phoenix CVE-2024-25414 (An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/664b6d921e27672e22e31919086449214e91b151 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/664b6d921e27672e22e31919086449214e91b151 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits