Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 17b2ea62 by Salvatore Bonaccorso at 2024-05-26T20:58:12+02:00 Update status for CVE-2024-3708/lighttpd The CNA will publish details only on July 9th, 2024 but the pre-announce in [1] declares it to be an issue fixed in 2018 siently by the maintainer in 1.4.51 upstream. The first version in unstable containing the fix was 1.4.52-1, so mark it as the fixed version. [1] https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -732,8 +732,8 @@ CVE-2024-3917 (The Pet Manager WordPress plugin through 1.4 does not sanitise an CVE-2024-3711 (The Brizy \u2013 Page Builder plugin for WordPress is vulnerable to un ...) NOT-FOR-US: WordPress plugin CVE-2024-3708 (A condition exists in lighttpd version prior to 1.4.51 whereby a remot ...) - - lighttpd <undetermined> - TODO: check, maybe fixed in 1.4.51, details will be only pubished on July 9th, 2024 + - lighttpd 1.4.52-1 + TODO: check details (will be only pubished on July 9th, 2024), but said to be an issue fixed by maintainer in 2018 in version 1.4.51 CVE-2024-3648 (The ShareThis Share Buttons plugin for WordPress is vulnerable to Stor ...) NOT-FOR-US: WordPress plugin CVE-2024-3626 (The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsl ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17b2ea62b125b0fedfb07428bddf308cdff31160 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17b2ea62b125b0fedfb07428bddf308cdff31160 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
