Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e192596a by Moritz Muehlenhoff at 2024-09-17T14:16:44+02:00
new clickhouse issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2358,7 +2358,7 @@ CVE-2024-8461 (A vulnerability, which was classified as
problematic, was found i
CVE-2024-8460 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: D-Link
CVE-2024-8445 (The fix for CVE-2024-2199 in 389-ds-base was insufficient to
cover all ...)
- - 389-ds-base <unfixed>
+ - 398-ds-base <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2310110
NOTE: CVE exists because of an insufficent/incomplete fix for
CVE-2024-2199
TODO: check details
@@ -3106,7 +3106,10 @@ CVE-2024-42901 (A CSV injection vulnerability in Lime
Survey v6.5.12 allows atta
CVE-2024-41718
REJECTED
CVE-2024-41436 (ClickHouse v24.3.3.102 was discovered to contain a buffer
overflow via ...)
- TODO: check
+ - clickhouse <unfixed>
+ [bookworm] - clickhouse <no-dsa> (Minor issue)
+ NOTE: https://github.com/ClickHouse/ClickHouse/issues/65520
+ NOTE: https://github.com/ClickHouse/ClickHouse/pull/66912
CVE-2024-41435 (YugabyteDB v2.21.1.0 was discovered to contain a buffer
overflow via t ...)
NOT-FOR-US: YugabyteDB
CVE-2024-3655 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel
Driver, Arm ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e192596aba9fa98be60c1257481ee84ab9a5c9ec
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e192596aba9fa98be60c1257481ee84ab9a5c9ec
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
