[Git][security-tracker-team/security-tracker][master] bugnums

Fri, 10 May 2024 10:35:32 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f475b9aa by Moritz Muehlenhoff at 2024-05-10T19:34:29+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -117,7 +117,7 @@ CVE-2024-3807 (The Porto theme for WordPress is vulnerable 
to Local File Inclusi
 CVE-2024-3806 (The Porto theme for WordPress is vulnerable to Local File 
Inclusion in ...)
        NOT-FOR-US: WordPress theme
 CVE-2024-3727 (A flaw was found in the github.com/containers/image library. 
This flaw ...)
-       - golang-github-opencontainers-go-digest <unfixed>
+       - golang-github-opencontainers-go-digest <unfixed> (bug #1070858)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274767
 CVE-2024-3722 (The Swift Performance Lite plugin for WordPress is vulnerable 
to unaut ...)
        NOT-FOR-US: WordPress plugin
@@ -289,7 +289,7 @@ CVE-2024-32717 (Missing Authorization vulnerability in 
WPDeveloper SchedulePress
 CVE-2024-32712 (Missing Authorization vulnerability in Podlove Podlove Podcast 
Publish ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-32655 (Npgsql is the .NET data provider for PostgreSQL. In 8.0.2 and 
earlier, ...)
-       - npgsql <unfixed>
+       - npgsql <unfixed> (bug #1070859)
        NOTE: 
https://github.com/npgsql/npgsql/security/advisories/GHSA-x9vc-6hfv-hg8c
        NOTE: 
https://github.com/npgsql/npgsql/commit/f7e7ead0702d776a8f551f5786c4cac2d65c4bc6
 CVE-2024-32624 (HDF5 Library through 1.14.3 contains a heap-based buffer 
overflow in H ...)
@@ -2502,7 +2502,7 @@ CVE-2023-44430 (Bentley View SKP File Parsing 
Use-After-Free Remote Code Executi
        NOT-FOR-US: Bentley
 CVE-2023-44428 (MuseScore CAP File Parsing Heap-based Buffer Overflow Remote 
Code Exec ...)
        - musescore2 <unfixed>
-       - musescore3 <unfixed>
+       - musescore3 <unfixed> (bug #1070860)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1526/
 CVE-2023-44427 (D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command 
Injecti ...)
        NOT-FOR-US: D-Link



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f475b9aa1d4e9c0b83c7a6ac3753cd9c2895a671

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f475b9aa1d4e9c0b83c7a6ac3753cd9c2895a671
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to