Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6cea85de by Moritz Muehlenhoff at 2024-05-28T10:07:58+02:00
new libarchive issue
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -18635,7 +18635,10 @@ CVE-2024-26275 (A vulnerability has been identified in
Parasolid V35.1 (All vers
CVE-2024-26257 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-26256 (libarchive Remote Code Execution Vulnerability)
- TODO: check
+ - libarchive <unfixed>
+ NOTE: https://github.com/advisories/GHSA-2jc9-36w4-pmqw
+ NOTE: https://github.com/libarchive/libarchive/pull/2135
+ NOTE:
https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237
(v3.7.4)
CVE-2024-26255 (Windows Remote Access Connection Manager Information
Disclosure Vulner ...)
NOT-FOR-US: Microsoft
CVE-2024-26254 (Microsoft Virtual Machine Bus (VMBus) Denial of Service
Vulnerability)
=====================================
data/dsa-needed.txt
=====================================
@@ -31,6 +31,8 @@ gst-plugins-base1.0 (carnil)
--
h2o (jmm)
--
+libarchive
+--
libreswan (jmm)
Maintainer prepared bookworm-security update, but needs work on
bullseye-security backports
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6cea85de655d5793dafcdc57cde308df368486fa
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6cea85de655d5793dafcdc57cde308df368486fa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
