[Git][security-tracker-team/security-tracker][master] Process some older chromium issues

Salvatore Bonaccorso (@carnil) Thu, 18 Jul 2024 11:59:54 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
18139a4b by Salvatore Bonaccorso at 2024-07-18T20:59:12+02:00
Process some older chromium issues

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -195,7 +195,8 @@ CVE-2024-5582 (The Schema & Structured Data for WP & AMP 
plugin for WordPress is
 CVE-2024-5566 (An improper privilege management vulnerability allowed users to 
migrat ...)
        NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-5500 (Inappropriate implementation in Sign-In in Google Chrome prior 
to 1.3. ...)
-       TODO: check
+       - chromium 122.0.6261.57-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-5255 (The Ultimate Addons for WPBakery plugin for WordPress is 
vulnerable to ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-5254 (The Ultimate Addons for WPBakery plugin for WordPress is 
vulnerable to ...)
@@ -219,11 +220,12 @@ CVE-2024-3175 (Insufficient data validation in Extensions 
in Google Chrome prior
        {DSA-5573-1}
        - chromium 120.0.6099.71-1
 CVE-2024-3174 (Inappropriate implementation in V8 in Google Chrome prior to 
119.0.604 ...)
-       TODO: check
+       - chromium 119.0.6045.105-1
 CVE-2024-3173 (Insufficient data validation in Updater in Google Chrome prior 
to 120. ...)
-       TODO: check
+       - chromium 120.0.6099.71-1
 CVE-2024-3172 (Insufficient data validation in DevTools in Google Chrome prior 
to 121 ...)
-       TODO: check
+       - chromium 121.0.6167.85-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-3171 (Use after free in Accessibility in Google Chrome prior to 
122.0.6261.5 ...)
        TODO: check
 CVE-2024-3170 (Use after free in WebRTC in Google Chrome prior to 
121.0.6167.85 allow ...)


=====================================
data/DSA/list
=====================================
@@ -370,7 +370,7 @@
        [bullseye] - thunderbird 1:115.8.0-1~deb11u1
        [bookworm] - thunderbird 1:115.8.0-1~deb12u1
 [23 Feb 2024] DSA-5629-1 chromium - security update
-       {CVE-2024-1669 CVE-2024-1670 CVE-2024-1671 CVE-2024-1672 CVE-2024-1673 
CVE-2024-1674 CVE-2024-1675 CVE-2024-1676}
+       {CVE-2024-1669 CVE-2024-1670 CVE-2024-1671 CVE-2024-1672 CVE-2024-1673 
CVE-2024-1674 CVE-2024-1675 CVE-2024-1676 CVE-2024-5500}
        [bookworm] - chromium 122.0.6261.57-1~deb12u1
 [22 Feb 2024] DSA-5628-1 imagemagick - security update
        {CVE-2021-3610 CVE-2022-1115 CVE-2023-1289 CVE-2023-1906 CVE-2023-3428 
CVE-2023-5341 CVE-2023-34151}
@@ -449,7 +449,7 @@
        [bullseye] - gst-plugins-bad1.0 1.18.4-3+deb11u4
        [bookworm] - gst-plugins-bad1.0 1.22.0-4+deb12u5
 [24 Jan 2024] DSA-5607-1 chromium - security update
-       {CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807 CVE-2024-0808 
CVE-2024-0809 CVE-2024-0810 CVE-2024-0811 CVE-2024-0812 CVE-2024-0813 
CVE-2024-0814}
+       {CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807 CVE-2024-0808 
CVE-2024-0809 CVE-2024-0810 CVE-2024-0811 CVE-2024-0812 CVE-2024-0813 
CVE-2024-0814 CVE-2024-3172}
        [bookworm] - chromium 121.0.6167.85-1~deb12u1
 [24 Jan 2024] DSA-5606-1 firefox-esr - security update
        {CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0749 
CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755}
@@ -580,7 +580,7 @@
        [bullseye] - libreoffice 1:7.0.4-4+deb11u8
        [bookworm] - libreoffice 4:7.4.7-1+deb12u1
 [09 Dec 2023] DSA-5573-1 chromium - security update
-       {CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512 
CVE-2024-3175}
+       {CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512 
CVE-2024-3175 CVE-2024-3173}
        [bullseye] - chromium 120.0.6099.71-1~deb11u1
        [bookworm] - chromium 120.0.6099.71-1~deb12u1
 [04 Dec 2023] DSA-5572-1 roundcube - security update
@@ -680,7 +680,7 @@
        [bullseye] - pmix 4.0.0-4.1+deb11u1
        [bookworm] - pmix 4.2.2-1+deb12u1
 [02 Nov 2023] DSA-5546-1 chromium - security update
-       {CVE-2023-5480 CVE-2023-5482 CVE-2023-5849 CVE-2023-5850 CVE-2023-5851 
CVE-2023-5852 CVE-2023-5853 CVE-2023-5854 CVE-2023-5855 CVE-2023-5856 
CVE-2023-5857 CVE-2023-5858 CVE-2023-5859}
+       {CVE-2023-5480 CVE-2023-5482 CVE-2023-5849 CVE-2023-5850 CVE-2023-5851 
CVE-2023-5852 CVE-2023-5853 CVE-2023-5854 CVE-2023-5855 CVE-2023-5856 
CVE-2023-5857 CVE-2023-5858 CVE-2023-5859 CVE-2024-3174}
        [bullseye] - chromium 119.0.6045.105-1~deb11u1
        [bookworm] - chromium 119.0.6045.105-1~deb12u1
 [02 Nov 2023] DSA-5545-1 vlc - security update



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18139a4b9d8967bf927202cef735cfb0e4186057

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18139a4b9d8967bf927202cef735cfb0e4186057
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some older chromium issues

Reply via email to