[Git][security-tracker-team/security-tracker][master] Add new mbedtls issues (CVE-2024-4515{7,8,9})

Thu, 05 Sep 2024 13:49:56 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
00521952 by Salvatore Bonaccorso at 2024-09-05T22:49:08+02:00
Add new mbedtls issues (CVE-2024-4515{7,8,9})

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -74,11 +74,14 @@ CVE-2024-45173 (An issue was discovered in za-internet 
C-MOR Video Surveillance
 CVE-2024-45171 (An issue was discovered in za-internet C-MOR Video 
Surveillance 5.2401 ...)
        NOT-FOR-US: za-internet C-MOR Video Surveillance
 CVE-2024-45159 (An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 
1.3, wh ...)
-       TODO: check
+       - mbedtls <not-affected> (Vulnerable code introduced later)
+       NOTE: 
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-3/
 CVE-2024-45158 (An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack 
buffer o ...)
-       TODO: check
+       - mbedtls <not-affected> (Vulnerable code introduced later)
+       NOTE: 
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-2/
 CVE-2024-45157 (An issue was discovered in Mbed TLS before 2.28.9 and 3.x 
before 3.6.1 ...)
-       TODO: check
+       - mbedtls <unfixed>
+       NOTE: 
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-1/
 CVE-2024-45107 (Acrobat Reader versions 20.005.30636, 24.002.20964, 
24.001.30123, 24.0 ...)
        NOT-FOR-US: Adobe
 CVE-2024-45098 (IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to 
bypass int ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/005219524037593f56b5485072b8662dcef09a13

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/005219524037593f56b5485072b8662dcef09a13
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to