Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35e6ce14 by Salvatore Bonaccorso at 2024-10-20T16:28:00+02:00
Update information for CVE-2024-8805
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5356,13 +5356,10 @@ CVE-2022-49038 (Inclusion of functionality from
untrusted control sphere vulnera
NOT-FOR-US: Synology
CVE-2022-49037 (Insertion of sensitive information into log file vulnerability
in prox ...)
NOT-FOR-US: Synology
-CVE-2024-8805 [BlueZ HID over GATT Profile Improper Access Control Remote Code
Execution Vulnerability]
- - bluez <unfixed> (bug #1082849)
- [bookworm] - bluez <no-dsa> (Minor issue)
- [bullseye] - bluez <postponed> (Minor issue; can be fixed in next
update)
+CVE-2024-8805 [Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE]
+ - linux <unfixed>
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1229/
- NOTE:
https://patchwork.kernel.org/project/bluetooth/patch/[email protected]/
- NOTE:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=41f943630d9a03c40e95057b2ac3d96470b9c71e
+ NOTE:
https://git.kernel.org/linus/b25e11f978b63cb7857890edb3a698599cddb10e (6.12-rc3)
CVE-2024-9169 (The LiteSpeed Cache plugin for WordPress is vulnerable to
Stored Cross ...)
NOT-FOR-US: WordPress plugin
CVE-2024-8996 (Unquoted Search Path or Element vulnerability in Grafana Agent
(Flow m ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35e6ce14bb2ffb78a34c9dc887a141abce0208b1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35e6ce14bb2ffb78a34c9dc887a141abce0208b1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
