[Git][security-tracker-team/security-tracker][master] mark two modbus CVEs as non issues

Tue, 29 Oct 2024 07:22:04 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
17e4c747 by Moritz Muehlenhoff at 2024-10-29T15:21:28+01:00
mark two modbus CVEs as non issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46449,11 +46449,8 @@ CVE-2024-34257 (TOTOLINK EX1800T 
V9.1.0cu.2112_B20220316 has a vulnerability in
 CVE-2024-34255 (jizhicms v2.5.1 contains a Cross-Site Scripting(XSS) 
vulnerability in  ...)
        NOT-FOR-US: jizhicms
 CVE-2024-34244 (libmodbus v3.1.10 is vulnerable to Buffer Overflow via the 
modbus_writ ...)
-       - libmodbus <unfixed> (bug #1071633)
-       [bookworm] - libmodbus <no-dsa> (Minor issue)
-       [bullseye] - libmodbus <no-dsa> (Minor issue)
-       [buster] - libmodbus <postponed> (Minor issue; out-of-bounds read, DoS)
-       NOTE: https://github.com/stephane/libmodbus/issues/743
+       NOTE: Bogus assignment for libmodbus, was also filed as #1071633
+       NOTE: 
https://github.com/stephane/libmodbus/issues/743#issuecomment-2222214256
 CVE-2024-33612 (An improper certificate validation vulnerability exists in 
BIG-IP Next ...)
        NOT-FOR-US: F5 BIG-IP
 CVE-2024-33608 (When IPsec is configured on a virtual server, undisclosed 
traffic can  ...)
@@ -130998,11 +130995,8 @@ CVE-2023-26795
 CVE-2023-26794
        RESERVED
 CVE-2023-26793 (libmodbus v3.1.10 has a heap-based buffer overflow 
vulnerability in re ...)
-       - libmodbus <unfixed> (bug #1074418)
-       [bookworm] - libmodbus <no-dsa> (Minor issue)
-       [bullseye] - libmodbus <no-dsa> (Minor issue)
-       [buster] - libmodbus <postponed> (Minor issue, no patch)
-       NOTE: https://github.com/stephane/libmodbus/issues/683
+       NOTE: Bogus assignment for libmodbus, was also filed as #1074418. Just 
a bug in a test case
+       NOTE: 
https://github.com/stephane/libmodbus/issues/683#issuecomment-2291215593
 CVE-2023-26792
        RESERVED
 CVE-2023-26791



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17e4c747f7cb78c5d462e9e501854668bc775be8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17e4c747f7cb78c5d462e9e501854668bc775be8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to