[Git][security-tracker-team/security-tracker][master] Add preliminary status for two twisted CVEs

Mon, 29 Jul 2024 13:57:55 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2d04a17e by Salvatore Bonaccorso at 2024-07-29T22:57:10+02:00
Add preliminary status for two twisted CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,7 +50,9 @@ CVE-2024-41817 (ImageMagick is a free and open-source 
software suite, used for e
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8rxc-922v-phg8
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/6526a2b28510ead6a3e14de711bb991ad9abff38
 CVE-2024-41810 (Twisted is an event-based framework for internet applications, 
support ...)
-       TODO: check
+       - twisted <unfixed>
+       NOTE: 
https://github.com/twisted/twisted/security/advisories/GHSA-cf56-g6w6-pqq2
+       NOTE: Merge commit: 
https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33
 (twisted-24.7.0rc1)
 CVE-2024-41799 (tgstation-server is a production scale tool for BYOND server 
managemen ...)
        NOT-FOR-US: tgstation-server
 CVE-2024-41726 (Path traversal vulnerability exists in SKYSEA Client View 
Ver.3.013.00 ...)
@@ -58,7 +60,10 @@ CVE-2024-41726 (Path traversal vulnerability exists in 
SKYSEA Client View Ver.3.
 CVE-2024-41676 (Magento-lts is a long-term support alternative to Magento 
Community Ed ...)
        NOT-FOR-US: Magento LTS (alternative to Magento Community Edition)
 CVE-2024-41671 (Twisted is an event-based framework for internet applications, 
support ...)
-       TODO: check
+       - twisted <unfixed>
+       NOTE: 
https://github.com/twisted/twisted/security/advisories/GHSA-c8m8-j448-xjx7
+       NOTE: 
https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33
 (twisted-24.7.0rc1)
+       NOTE: 
https://github.com/twisted/twisted/commit/4a930de12fb67e88fefcb8822104152f42b27abc
 (twisted-24.7.0rc1)
 CVE-2024-41640 (Cross Site Scripting (XSS) vulnerability in AML Surety Eco up 
to 3.5 a ...)
        NOT-FOR-US: AML Surety Eco
 CVE-2024-41631 (Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 
allows a r ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d04a17ea8b1985876f6a5a27e0d1f44c4b0f95f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d04a17ea8b1985876f6a5a27e0d1f44c4b0f95f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to