[Git][security-tracker-team/security-tracker][master] CVE-2024-31031/libcoap: buster not-affected + UB-related commits

Mon, 29 Apr 2024 13:41:10 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9f4efcf2 by Sylvain Beucler at 2024-04-29T22:40:40+02:00
CVE-2024-31031/libcoap: buster not-affected + UB-related commits

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2455,13 +2455,16 @@ CVE-2024-31040 (Buffer Overflow vulnerability in the 
get_var_integer function in
        NOT-FOR-US: NanoMQ
 CVE-2024-31031 (An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to 
cause un ...)
        - libcoap <removed>
+       [buster] - libcoap <not-affected> (Vulnerable code not present)
        - libcoap2 <removed>
        [bullseye] - libcoap2 <no-dsa> (Minor issue)
        [buster] - libcoap2 <not-affected> (Vulnerable code not present)
        - libcoap3 <unfixed>
        [bookworm] - libcoap3 <no-dsa> (Minor issue)
        NOTE: https://github.com/obgm/libcoap/issues/1351
-       NOTE: 
https://github.com/obgm/libcoap/commit/214665ac4b44b1b6a7e38d4d6907ee835a174928
+       NOTE: 
https://github.com/obgm/libcoap/commit/214665ac4b44b1b6a7e38d4d6907ee835a174928 
(develop)
+       NOTE: Introduced by: 
https://github.com/obgm/libcoap/commit/7033555d2978b8d4d5e16d43cfbfe1b1781c418f 
(v4.3.0-rc1)
+       NOTE: Introduced by: 
https://github.com/obgm/libcoap/commit/47a83549a80dad9a83f84cdfaba54c54defb5444 
(v4.3.2-rc1)
 CVE-2024-30990 (SQL Injection vulnerability in the "Invoices" page in 
phpgurukul Clien ...)
        NOT-FOR-US: phpgurukul Client Management System
 CVE-2024-30989 (Cross Site Scripting vulnerability in /edit-client-details.php 
of phpg ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f4efcf2a3c006d9a56b2de7b5e9a4a0160e515c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f4efcf2a3c006d9a56b2de7b5e9a4a0160e515c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to