Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c69285c by Salvatore Bonaccorso at 2024-04-15T17:59:56+02:00
Wrap note for one CVE entry
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9398,7 +9398,8 @@ CVE-2024-23944 (Information disclosure in persistent
watchers handling in Apache
NOTE: Fixed by:
https://github.com/apache/zookeeper/commit/daf7cfd04005cff1a4f7cab5ab13d41db88d0cd8
(release-3.9.2-0)
NOTE: Persistent (and p-recursive) watches were introduced by
ZOOKEEPER-1416, which only exists in 3.6+.
NOTE: See https://issues.apache.org/jira/browse/ZOOKEEPER-1416
- NOTE: However, classical watches are used (<< 3.6), it seems that to
trigger for nodes whose names are not known in advance is not possible.
Nevertheless classical watch leaks some information
+ NOTE: However, classical watches are used (<< 3.6), it seems that to
trigger for nodes whose names are not
+ NOTE: known in advance is not possible. Nevertheless classical watch
leaks some information.
CVE-2024-2746
NOT-FOR-US: dnf5daemon-server
CVE-2024-1930
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c69285ca68a55ac5d6599fb680ce007389cdfc8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c69285ca68a55ac5d6599fb680ce007389cdfc8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
