Guilhem Moulin pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
48b538fd by Guilhem Moulin at 2024-05-04T20:49:26+02:00
CVE-2024-2798[23]/nodejs: Reference fixing commits.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11513,9 +11513,11 @@ CVE-2024-31080 (A heap-based buffer over-read
vulnerability was found in the X.o
CVE-2024-27983 (An attacker can make the Node.js HTTP/2 server completely
unavailable ...)
- nodejs 18.20.1+dfsg-1 (bug #1068347)
NOTE:
https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/
+ NOTE: Fixed by:
https://github.com/nodejs/node/commit/0fb816dbccde955cd24acc1b16497a91fab507c8
(v18.20.1)
CVE-2024-27982
- nodejs 18.20.1+dfsg-1 (bug #1068347)
NOTE:
https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/
+ NOTE: Fixed by:
https://github.com/nodejs/node/commit/5d4d5848cf557fba6dc0bfdd020471ea607950ca
(v18.20.1)
CVE-2024-3248 (In Xpdf 4.05 (and earlier), a PDF object loop in the
attachments leads ...)
- xpdf <not-affected> (Debian uses poppler, which is not affected)
CVE-2024-3247 (In Xpdf 4.05 (and earlier), a PDF object loop in an object
stream lead ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b538fd2b92a81cd31c803019ff1ebe652c0ec5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b538fd2b92a81cd31c803019ff1ebe652c0ec5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
