[Git][security-tracker-team/security-tracker][master] Add CVE-2024-38286/tomcat

Mon, 23 Sep 2024 13:45:07 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
559fd7ca by Salvatore Bonaccorso at 2024-09-23T22:44:23+02:00
Add CVE-2024-38286/tomcat

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18866,6 +18866,15 @@ CVE-2024-35234 (Discourse is an open-source discussion 
platform. Prior to versio
        NOT-FOR-US: Discourse
 CVE-2024-35227 (Discourse is an open-source discussion platform. Prior to 
version 3.2. ...)
        NOT-FOR-US: Discourse
+CVE-2024-38286
+       - tomcat10 10.1.25-1
+       [bookworm] - tomcat10 <postponed> (Minor issue, fixed along in next DSA)
+       - tomcat9 9.0.70-2
+       [bullseye] - tomcat9 <postponed> (Minor issue, fixed along in next DSA)
+       NOTE: https://lists.apache.org/thread/wms60cvbsz3fpbz9psxtfx8r41jl6d4s
+       NOTE: 
https://github.com/apache/tomcat/commit/3344c17cef094da4bb616f4186ed32039627b543
 (10.1.25)
+       NOTE: 
https://github.com/apache/tomcat/commit/76c5cce6f0bcef14b0c21c38910371ca7d322d13
 (9.0.90)
+       NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server 
stack, using that as the fixed version
 CVE-2024-34750 (Improper Handling of Exceptional Conditions, Uncontrolled 
Resource Con ...)
        - tomcat10 10.1.25-1
        [bookworm] - tomcat10 <postponed> (Minor issue, fixed along in next DSA)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/559fd7ca8c928581a3a234c8901a018db7e53bca

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/559fd7ca8c928581a3a234c8901a018db7e53bca
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to