Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: bd8541c1 by Moritz Muehlenhoff at 2024-05-28T18:13:31+02:00 new openssl issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,11 @@ +CVE-2024-4741 [Use After Free with SSL_free_buffers] + - openssl <unfixed> + [bookworm] - openssl <postponed> (Minor issue, fix along with next update round) + [bullseye] - openssl <postponed> (Minor issue, fix along with next update round) + NOTE: https://www.openssl.org/news/secadv/20240528.txt + NOTE: https://github.com/openssl/openssl/commit/c1bd38a003fa19fd0d8ade85e1bbc20d8ae59dab (master) + NOTE: https://github.com/openssl/openssl/commit/d095674320c84b8ed1250715b1dd5ce05f9f267b (openssl-3.2) + NOTE: https://github.com/openssl/openssl/commit/d095674320c84b8ed1250715b1dd5ce05f9f267b (openssl-3.0) CVE-2024-36428 (OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection.) NOT-FOR-US: OrangeHRM CVE-2024-36426 (In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd8541c1793743d9a8103d22672417b6be8ea707 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd8541c1793743d9a8103d22672417b6be8ea707 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
