Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
36a9b0eb by Salvatore Bonaccorso at 2024-11-08T11:28:57+01:00
Track fixes for symfony issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -493,7 +493,7 @@ CVE-2024-51736 (Symphony process is a module for the
Symphony PHP framework whic
CVE-2024-51409 (Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a
remote at ...)
NOT-FOR-US: Tenda
CVE-2024-50345 (symfony/http-foundation is a module for the Symphony PHP
framework whi ...)
- - symfony <unfixed>
+ - symfony 6.4.14+dfsg-1
NOTE:
https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp
NOTE: Fixed by:
https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819
(v5.4.46, v6.4.14, v7.1.7)
CVE-2024-50343 (symfony/validator is a module for the Symphony PHP framework
which pro ...)
@@ -501,7 +501,7 @@ CVE-2024-50343 (symfony/validator is a module for the
Symphony PHP framework whi
NOTE:
https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9
NOTE: Fixed by:
https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f
(v5.4.43, v6.4.11, v7.1.4)
CVE-2024-50342 (symfony/http-client is a module for the Symphony PHP framework
which p ...)
- - symfony <unfixed>
+ - symfony 6.4.14+dfsg-1
NOTE:
https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm
NOTE: Fixed by;
https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b
(v5.4.46, v6.4.14, v7.1.7)
CVE-2024-50341 (symfony/security-bundle is a module for the Symphony PHP
framework whi ...)
@@ -509,7 +509,7 @@ CVE-2024-50341 (symfony/security-bundle is a module for the
Symphony PHP framewo
NOTE:
https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v
NOTE: Fixed by:
https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105
(v6.4.10, v7.0.10, v7.1.3)
CVE-2024-50340 (symfony/runtime is a module for the Symphony PHP framework
which enabl ...)
- - symfony <unfixed>
+ - symfony 6.4.14+dfsg-1
NOTE:
https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j
NOTE: Fixed by:
https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa
(v5.4.46, v6.4.14, v7.1.7)
CVE-2024-48325 (Portabilis i-Educar 2.8.0 is vulnerable to SQL Injection in
the "getDo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36a9b0ebf23417bd178251bc6fa2a35f6cf2cc7f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36a9b0ebf23417bd178251bc6fa2a35f6cf2cc7f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
