[Git][security-tracker-team/security-tracker][master] Add more chromium issues from older advisories

Salvatore Bonaccorso (@carnil) Thu, 18 Jul 2024 12:44:53 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ab47e86b by Salvatore Bonaccorso at 2024-07-18T21:43:52+02:00
Add more chromium issues from older advisories

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -232,19 +232,24 @@ CVE-2024-3172 (Insufficient data validation in DevTools 
in Google Chrome prior t
        - chromium 121.0.6167.85-1
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-3171 (Use after free in Accessibility in Google Chrome prior to 
122.0.6261.5 ...)
-       TODO: check
+       - chromium 122.0.6261.57-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-3170 (Use after free in WebRTC in Google Chrome prior to 
121.0.6167.85 allow ...)
-       TODO: check
+       - chromium 121.0.6167.85-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-3169 (Use after free in V8 in Google Chrome prior to 121.0.6167.139 
allowed  ...)
-       TODO: check
+       - chromium 121.0.6167.139-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-3168 (Use after free in DevTools in Google Chrome prior to 
122.0.6261.57 all ...)
-       TODO: check
+       - chromium 122.0.6261.57-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-39877 (Apache Airflow 2.4.0, and versions before 2.9.3, has a 
vulnerability t ...)
        - airflow <itp> (bug #819700)
 CVE-2024-39863 (Apache Airflow versions before 2.9.3 have a vulnerability that 
allows  ...)
        - airflow <itp> (bug #819700)
 CVE-2024-2884 (Out of bounds read in V8 in Google Chrome prior to 
121.0.6167.139 allo ...)
-       TODO: check
+       - chromium 121.0.6167.139-1
+       [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-21687 (This High severity File Inclusion vulnerability was introduced 
in vers ...)
        NOT-FOR-US: Atlassian
 CVE-2024-21188 (Vulnerability in the Oracle Financial Services Revenue 
Management and  ...)


=====================================
data/DSA/list
=====================================
@@ -370,7 +370,7 @@
        [bullseye] - thunderbird 1:115.8.0-1~deb11u1
        [bookworm] - thunderbird 1:115.8.0-1~deb12u1
 [23 Feb 2024] DSA-5629-1 chromium - security update
-       {CVE-2024-1669 CVE-2024-1670 CVE-2024-1671 CVE-2024-1672 CVE-2024-1673 
CVE-2024-1674 CVE-2024-1675 CVE-2024-1676 CVE-2024-5500}
+       {CVE-2024-1669 CVE-2024-1670 CVE-2024-1671 CVE-2024-1672 CVE-2024-1673 
CVE-2024-1674 CVE-2024-1675 CVE-2024-1676 CVE-2024-3168 CVE-2024-3171 
CVE-2024-5500}
        [bookworm] - chromium 122.0.6261.57-1~deb12u1
 [22 Feb 2024] DSA-5628-1 imagemagick - security update
        {CVE-2021-3610 CVE-2022-1115 CVE-2023-1289 CVE-2023-1906 CVE-2023-3428 
CVE-2023-5341 CVE-2023-34151}
@@ -433,7 +433,7 @@
        [bullseye] - openjdk-17 17.0.10+7-1~deb11u1
        [bookworm] - openjdk-17 17.0.10+7-1~deb12u1
 [01 Feb 2024] DSA-5612-1 chromium - security update
-       {CVE-2024-1059 CVE-2024-1060 CVE-2024-1077}
+       {CVE-2024-1059 CVE-2024-1060 CVE-2024-1077 CVE-2024-2884 CVE-2024-3169}
        [bookworm] - chromium 121.0.6167.139-1~deb12u1
 [30 Jan 2024] DSA-5611-1 glibc - security update
        {CVE-2023-6246 CVE-2023-6779 CVE-2023-6780}
@@ -449,7 +449,7 @@
        [bullseye] - gst-plugins-bad1.0 1.18.4-3+deb11u4
        [bookworm] - gst-plugins-bad1.0 1.22.0-4+deb12u5
 [24 Jan 2024] DSA-5607-1 chromium - security update
-       {CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807 CVE-2024-0808 
CVE-2024-0809 CVE-2024-0810 CVE-2024-0811 CVE-2024-0812 CVE-2024-0813 
CVE-2024-0814 CVE-2024-3172}
+       {CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807 CVE-2024-0808 
CVE-2024-0809 CVE-2024-0810 CVE-2024-0811 CVE-2024-0812 CVE-2024-0813 
CVE-2024-0814 CVE-2024-3170 CVE-2024-3172}
        [bookworm] - chromium 121.0.6167.85-1~deb12u1
 [24 Jan 2024] DSA-5606-1 firefox-esr - security update
        {CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0749 
CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab47e86b6ef1a40a023848de3aa9149e551d9ad2

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab47e86b6ef1a40a023848de3aa9149e551d9ad2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add more chromium issues from older advisories

Reply via email to