Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
73b9c503 by security tracker role at 2024-06-30T20:12:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2024-5062 (A reflected Cross-Site Scripting (XSS) vulnerability was
identified in ...)
+ TODO: check
+CVE-2024-35119 (IBM InfoSphere Information Server 11.7 could allow a remote
attacker t ...)
+ TODO: check
+CVE-2024-31902 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site req ...)
+ TODO: check
+CVE-2024-31898 (IBM InfoSphere Information Server 11.7 could allow an
authenticated us ...)
+ TODO: check
+CVE-2024-28798 (IBM InfoSphere Information Server 11.7 is vulnerable to stored
cross-s ...)
+ TODO: check
+CVE-2024-28797 (IBM InfoSphere Information Server 11.7 is vulnerable stored to
cross-s ...)
+ TODO: check
+CVE-2024-28795 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site scr ...)
+ TODO: check
+CVE-2024-28794 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site scr ...)
+ TODO: check
+CVE-2023-50964 (IBM InfoSphere Information Server 11.7 is vulnerable to
cross-site scr ...)
+ TODO: check
+CVE-2023-50954 (IBM InfoSphere Information Server 11.7 returns sensitive
information i ...)
+ TODO: check
+CVE-2023-50953 (IBM InfoSphere Information Server 11.7 could allow a remote
attacker t ...)
+ TODO: check
+CVE-2023-50952 (IBM InfoSphere Information Server 11.7 is vulnerable to
server-side re ...)
+ TODO: check
+CVE-2023-35022 (IBM InfoSphere Information Server 11.7 could allow a local
user to upd ...)
+ TODO: check
CVE-2024-6415 (A vulnerability classified as problematic was found in Ingenico
Estate ...)
NOT-FOR-US: ngenico Estate Manager
CVE-2024-6414 (A vulnerability classified as problematic has been found in
Parsec Aut ...)
@@ -3503,17 +3529,17 @@ CVE-2024-38448 (htags in GNU Global through 6.6.12
allows code execution in situ
NOTE:
https://lists.gnu.org/archive/html/bug-global/2024-05/msg00009.html
CVE-2024-38443 (C/sorting/binary_insertion_sort.c in The Algorithms - C
through e5dad3 ...)
NOT-FOR-US: The Algorithms - C
-CVE-2024-38441 (Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer ...)
+CVE-2024-38441 (Netatalk before 3.2.1 has an off-by-one error and resultant
heap-based ...)
- netatalk <unfixed> (bug #1074475)
NOTE: https://github.com/Netatalk/netatalk/issues/1098
NOTE: https://netatalk.io/security/CVE-2024-38441
NOTE:
https://github.com/Netatalk/netatalk/commit/77b5d99007cfef4d73d76fd6f0c26584891608e5
(netatalk-3-2-1)
-CVE-2024-38440 (Netatalk 3.2.0 has an off-by-one error, and resultant
heap-based buffe ...)
+CVE-2024-38440 (Netatalk before 3.2.1 has an off-by-one error, and resultant
heap-base ...)
- netatalk <unfixed> (bug #1074474)
NOTE: https://github.com/Netatalk/netatalk/issues/1097
NOTE: https://netatalk.io/security/CVE-2024-38440
NOTE:
https://github.com/Netatalk/netatalk/commit/77b5d99007cfef4d73d76fd6f0c26584891608e5
(netatalk-3-2-1)
-CVE-2024-38439 (Netatalk 3.2.0 has an off-by-one error and resultant
heap-based buffer ...)
+CVE-2024-38439 (Netatalk before 3.2.1 has an off-by-one error and resultant
heap-based ...)
- netatalk <unfixed> (bug #1074473)
NOTE: https://github.com/Netatalk/netatalk/issues/1096
NOTE: https://netatalk.io/security/CVE-2024-38439
@@ -22515,7 +22541,7 @@ CVE-2024-27282 (An issue was discovered in Ruby 3.x
through 3.3.0. If attacker-s
NOTE:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
NOTE:
https://github.com/ruby/ruby/commit/989a2355808a63fc45367785c82ffd46d18c900a
CVE-2024-33602 (nscd: netgroup cache assumes NSS callback uses in-buffer
strings The ...)
- {DSA-5678-1}
+ {DSA-5678-1 DLA-3850-1}
- glibc 2.37-19
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31680
NOTE:
https://inbox.sourceware.org/libc-alpha/[email protected]/
@@ -22523,7 +22549,7 @@ CVE-2024-33602 (nscd: netgroup cache assumes NSS
callback uses in-buffer strings
NOTE:
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008
NOTE: Fixed by:
https://sourceware.org/git?p=glibc.git;a=commit;h=c04a21e050d64a1193a6daab872bca2528bda44b
CVE-2024-33601 (nscd: netgroup cache may terminate daemon on memory allocation
failure ...)
- {DSA-5678-1}
+ {DSA-5678-1 DLA-3850-1}
- glibc 2.37-19
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31679
NOTE:
https://inbox.sourceware.org/libc-alpha/[email protected]/
@@ -22531,7 +22557,7 @@ CVE-2024-33601 (nscd: netgroup cache may terminate
daemon on memory allocation f
NOTE:
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007
NOTE: Fixed by:
https://sourceware.org/git?p=glibc.git;a=commit;h=c04a21e050d64a1193a6daab872bca2528bda44b
CVE-2024-33600 (nscd: Null pointer crashes after notfound response If the
Name Servic ...)
- {DSA-5678-1}
+ {DSA-5678-1 DLA-3850-1}
- glibc 2.37-19
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31678
NOTE:
https://inbox.sourceware.org/libc-alpha/[email protected]/
@@ -22540,7 +22566,7 @@ CVE-2024-33600 (nscd: Null pointer crashes after
notfound response If the Name
NOTE: Fixed by:
https://sourceware.org/git?p=glibc.git;a=commit;h=b048a482f088e53144d26a61c390bed0210f49f2
NOTE: Fixed by:
https://sourceware.org/git/?p=glibc.git;a=commit;h=7835b00dbce53c3c87bbbb1754a95fb5e58187aa
CVE-2024-33599 (nscd: Stack-based buffer overflow in netgroup cache If the
Name Servi ...)
- {DSA-5678-1}
+ {DSA-5678-1 DLA-3850-1}
- glibc 2.37-19
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=31677
NOTE:
https://inbox.sourceware.org/libc-alpha/[email protected]/
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73b9c50349c0683dc8e5a406d8f5881d825af0c0
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73b9c50349c0683dc8e5a406d8f5881d825af0c0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
