Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f48e137a by Salvatore Bonaccorso at 2024-10-19T17:34:18+02:00
Add upstream tag references for fixes
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -487,15 +487,24 @@ CVE-2024-48180 (ClassCMS <=4.8 is vulnerable to file
inclusion in the nowView me
CVE-2024-47889 (Action Mailer is a framework for designing email service
layers. Start ...)
- rails <unfixed> (bug #1085376)
NOTE:
https://github.com/rails/rails/security/advisories/GHSA-h47h-mwp9-c6q6
- NOTE:
https://github.com/rails/rails/commit/985f1923fa62806ff676e41de67c3b4552131ab9
+ NOTE:
https://github.com/rails/rails/commit/be898cc996986decfe238341d96b2a6573b8fd2e
(v7.2.1.1)
+ NOTE:
https://github.com/rails/rails/commit/3612e3eb3fbafed4f85e1c6ea4c7b6addbb0fdd3
(v7.1.4.1)
+ NOTE:
https://github.com/rails/rails/commit/0e5694f4d32544532d2301a9b4084eacb6986e94
(v7.0.8.5)
+ NOTE:
https://github.com/rails/rails/commit/985f1923fa62806ff676e41de67c3b4552131ab9
(v6.1.7.9)
CVE-2024-47888 (Action Text brings rich text content and editing to Rails.
Starting in ...)
- rails <unfixed> (bug #1085376)
NOTE:
https://github.com/rails/rails/security/advisories/GHSA-wwhv-wxv9-rpgw
- NOTE:
https://github.com/rails/rails/commit/4f4312b21a6448336de7c7ab0c4d94b378def468
+ NOTE:
https://github.com/rails/rails/commit/ba286c0a310b7f19cf5cac2a7a4c9def5cf9882e
(v7.2.1.1)
+ NOTE:
https://github.com/rails/rails/commit/de0df7caebd9cb238a6f10dca462dc5f8d5e98b5
(v7.1.4.1)
+ NOTE:
https://github.com/rails/rails/commit/727b0946c3cab04b825c039435eac963d4e91822
(v7.0.8.5)
+ NOTE:
https://github.com/rails/rails/commit/4f4312b21a6448336de7c7ab0c4d94b378def468
(v6.1.7.9)
CVE-2024-47887 (Action Pack is a framework for handling and responding to web
requests ...)
- rails <unfixed> (bug #1085376)
NOTE:
https://github.com/rails/rails/security/advisories/GHSA-vfg9-r3fq-jvx4
- NOTE:
https://github.com/rails/rails/commit/8e057db25bff1dc7a98e9ae72e0083825b9ac545
+ NOTE:
https://github.com/rails/rails/commit/f4dc83d8926509d0958ec21fcdbc2e7df3d32ce2
(v7.2.1.1)
+ NOTE:
https://github.com/rails/rails/commit/7c1398854d51f9bb193fb79f226647351133d08a
(v7.1.4.1)
+ NOTE:
https://github.com/rails/rails/commit/56b2fc3302836405b496e196a8d5fc0195e55049
(v7.0.8.5)
+ NOTE:
https://github.com/rails/rails/commit/8e057db25bff1dc7a98e9ae72e0083825b9ac545
(v6.1.7.9)
CVE-2024-46213 (REDAXO CMS v2.11.0 was discovered to contain a remote code
execution ( ...)
NOT-FOR-US: REDAXO CMS
CVE-2024-46212 (An issue in the component /index.php?page=backup/export of
REDAXO CMS ...)
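Review bot: In the three rails entries of this hunk (CVE-2024-47889, CVE-2024-47888, CVE-2024-47887), the commit on each removed NOTE line comes back as the last added line with the (v6.1.7.9) tag, for example 985f1923fa62806ff676e41de67c3b4552131ab9 under CVE-2024-47889. No reference is dropped, but the commit message only says that tags were added. Consider stating there that the existing reference is kept and re-labelled as the 6.1 branch fix, so that someone reading the history does not take the removed lines for withdrawn fix references.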
@@ -641,7 +650,10 @@ CVE-2024-45071 (IBM WebSphere Application Server 8.5 and
9.0 is vulnerable to st
CVE-2024-41128 (Action Pack is a framework for handling and responding to web
requests ...)
- rails <unfixed> (bug #1085376)
NOTE:
https://github.com/rails/rails/security/advisories/GHSA-x76w-6vjr-8xgj
- NOTE:
https://github.com/rails/rails/commit/fb493bebae1a9b83e494fe7edbf01f6167d606fd
+ NOTE:
https://github.com/rails/rails/commit/27121e80f6dbb260f5a9f0452cd8411cb681f075
(v7.2.1.1)
+ NOTE:
https://github.com/rails/rails/commit/b0fe99fa854ec8ff4498e75779b458392d1560ef
(v7.1.4.1)
+ NOTE:
https://github.com/rails/rails/commit/b1241f468d1b32235f438c2e2203386e6efd3891
(v7.0.8.5)
+ NOTE:
https://github.com/rails/rails/commit/fb493bebae1a9b83e494fe7edbf01f6167d606fd
(v6.1.7.9)
CVE-2024-38814 (An authenticated SQL injection vulnerability in VMware HCX was
private ...)
NOT-FOR-US: VMware
CVE-2024-29155 (On Microchip RN4870 devices, when more than one consecutive
PairReqNoI ...)
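Review bot: The CVE-2024-41128 entry keeps "- rails <unfixed> (bug #1085376)" while its notes now name fix commits for four upstream releases (v7.2.1.1, v7.1.4.1, v7.0.8.5, v6.1.7.9), and the same bug number covers the three rails entries in the previous hunk. A short NOTE saying which of these branches corresponds to the packaged rails version would save whoever closes the bug from checking all four commits for each CVE.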
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f48e137a632bff5537118706bf96f884daaffc72
