Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
17067937 by Salvatore Bonaccorso at 2024-07-23T14:57:43+02:00
Update CVE-2024-32498 and add CVE-2024-40767
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5076,12 +5076,16 @@ CVE-2023-51776 (Improper privilege management in Jungo
WinDriver before 12.1.0 a
NOT-FOR-US: Jungo WinDriver
CVE-2023-39324
REJECTED
+CVE-2024-40767
+ - nova <not-affected> (Incomplete fix/regression never introduced in
Debian as fix for CVE-2024-32498 complete)
CVE-2024-32498 (An issue was discovered in OpenStack Cinder through 24.0.0,
Glance bef ...)
- cinder <unfixed> (bug #1074763)
- glance 2:28.0.1-3+deb12u1 (bug #1074761)
- - nova <unfixed> (bug #1074762)
+ - nova 2:29.0.2-4 (bug #1074762)
NOTE: https://www.openwall.com/lists/oss-security/2024/07/02/2
NOTE: https://bugs.launchpad.net/nova/+bug/2059809
+ NOTE: When fixing CVE-2024-33498 make sure to make the fix for src:nova
complete to
+ NOTE: not introduce CVE-2024-40767.
CVE-2024-6172 (The Email Subscribers by Icegram Express \u2013 Email
Marketing, Newsl ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5938 (The Boot Store theme for WordPress is vulnerable to Stored
Cross-Site ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17067937be2bc53045a1b1946439045ae41f93d5
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17067937be2bc53045a1b1946439045ae41f93d5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
