[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2024-27322

Wed, 12 Jun 2024 11:37:35 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5675c8df by Salvatore Bonaccorso at 2024-06-12T20:35:16+02:00
Add Debian bug reference for CVE-2024-27322

- - - - -
3cc99587 by Salvatore Bonaccorso at 2024-06-12T20:36:36+02:00
Update severity for CVE-2024-27322 and add notes from upstream viewpoint

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16661,11 +16661,13 @@ CVE-2024-28961 (Dell OpenManage Enterprise, versions 
4.0.0 and 4.0.1, contains a
 CVE-2024-28320 (Insecure Direct Object References (IDOR) vulnerability in 
Hospital Man ...)
        NOT-FOR-US: Hospital Management System
 CVE-2024-27322 (Deserialization of untrusted data can occur in the R 
statistical progr ...)
-       - r-base 4.4.0-2
+       - r-base 4.4.0-2 (bug #1073061; unimportant)
        NOTE: https://hiddenlayer.com/research/r-bitrary-code-execution/
        NOTE: https://kb.cert.org/vuls/id/238194
        NOTE: 
https://src.fedoraproject.org/rpms/R/blob/f39/f/R-CVE-2024-27322.patch
        NOTE: 
https://github.com/r-devel/r-svn/commit/f7c46500f455eb4edfc3656c3fa20af61b16abb7
+       NOTE: 
https://blog.r-project.org/2024/05/10/statement-on-cve-2024-27322/index.html
+       NOTE: Not considered a security issue by R Core (upstream) and the R 
Foundation.
 CVE-2024-23995 (Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and 
earlier allo ...)
        NOT-FOR-US: Beekeeper Studio
 CVE-2024-1969 (Buffer Copy without Checking Size of Input ('Classic Buffer 
Overflow') ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/90ea4f5760b633bd31002102f1c34c16f643ae35...3cc99587fb035e2718f716a01f82df34deab5f88

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/90ea4f5760b633bd31002102f1c34c16f643ae35...3cc99587fb035e2718f716a01f82df34deab5f88
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to