Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
00508eba by Moritz Muehlenhoff at 2024-05-28T23:40:20+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2024-3657 (A flaw was found in 389-ds-base. A
specially-crafted LDAP query c
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274401
TODO: check provided details
CVE-2024-36472 (In GNOME Shell through 45.7, a portal helper can be launched
automatic ...)
- - gnome-shell <unfixed>
+ - gnome-shell <unfixed> (bug #1072124)
NOTE: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7688
CVE-2024-36110 (ansibleguy-webui is an open source WebUI for using Ansible.
Multiple f ...)
TODO: check
@@ -19552,7 +19552,7 @@ CVE-2024-3431 (A vulnerability was found in EyouCMS
1.6.5. It has been declared
CVE-2024-3430 (A vulnerability was found in QKSMS up to 3.9.4 on Android. It
has been ...)
NOT-FOR-US: QKSMS
CVE-2024-31951 (In the Opaque LSA Extended Link parser in FRRouting (FRR)
through 9.1, ...)
- - frr <unfixed>
+ - frr <unfixed> (bug #1070377)
[bullseye] - frr <not-affected> (Vulnerable code not present)
[buster] - frr <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FRRouting/frr/pull/15674/
@@ -19562,7 +19562,7 @@ CVE-2024-31951 (In the Opaque LSA Extended Link parser
in FRRouting (FRR) throug
NOTE:
https://github.com/FRRouting/frr/commit/e08495a4a8ad4d2050691d9e5e13662d2635b2e0
NOTE: vulnerable feature introduced in
https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5
(first shipped with 8.0)
CVE-2024-31950 (In FRRouting (FRR) through 9.1, there can be a buffer overflow
and dae ...)
- - frr <unfixed>
+ - frr <unfixed> (bug #1070377)
[bullseye] - frr <not-affected> (Vulnerable code not present)
[buster] - frr <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FRRouting/frr/pull/15674/
@@ -19573,13 +19573,12 @@ CVE-2024-31950 (In FRRouting (FRR) through 9.1, there
can be a buffer overflow a
NOTE: vulnerable feature introduced in
https://github.com/FRRouting/frr/commit/f173deb35206a09e8dc22828cb08638e289b72a5
(first shipped with 8.0)
CVE-2024-31949 (In FRRouting (FRR) through 9.1, an infinite loop can occur
when receiv ...)
{DLA-3797-1}
- - frr <unfixed>
+ - frr <unfixed> (bug #1072125)
NOTE: https://github.com/FRRouting/frr/pull/15640
- NOTE:
https://github.com/FRRouting/frr/commit/30a332dad86fafd2b0b6c61d23de59ed969a219b
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/30a332dad86fafd2b0b6c61d23de59ed969a219b
CVE-2024-31948 (In FRRouting (FRR) through 9.1, an attacker using a malformed
Prefix S ...)
{DLA-3797-1}
- - frr <unfixed>
+ - frr <unfixed> (bug #1072126)
NOTE: https://github.com/FRRouting/frr/pull/15628
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138
NOTE: Fixed by:
https://github.com/FRRouting/frr/commit/babb23b74855e23c987a63f8256d24e28c044d07
@@ -43959,7 +43958,7 @@ CVE-2023-51079 (A long execution time can occur in the
ParseTools.subCompileExpr
CVE-2023-51075 (hutool-core v5.8.23 was discovered to contain an infinite loop
in the ...)
NOT-FOR-US: Hutool
CVE-2023-51074 (json-path v2.8.0 was discovered to contain a stack overflow
via the Cr ...)
- - jayway-jsonpath <unfixed>
+ - jayway-jsonpath <unfixed> (bug #1072123)
[bookworm] - jayway-jsonpath <no-dsa> (Minor issue)
[bullseye] - jayway-jsonpath <no-dsa> (Minor issue)
[buster] - jayway-jsonpath <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00508eba7d5c3741fecf3ed8077b4bf9c86d8293
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00508eba7d5c3741fecf3ed8077b4bf9c86d8293
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
