[Git][security-tracker-team/security-tracker][master] Add CVE-2024-51504/zookeeper

Sat, 09 Nov 2024 00:08:59 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9bf644d6 by Salvatore Bonaccorso at 2024-11-09T09:08:19+01:00
Add CVE-2024-51504/zookeeper

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -329,7 +329,15 @@ CVE-2024-51989 (Password Pusher is an open source 
application to communicate sen
 CVE-2024-51758 (Filament is a collection of full-stack components for 
accelerated Lara ...)
        NOT-FOR-US: Filament
 CVE-2024-51504 (When using IPAuthenticationProvider in ZooKeeper Admin Server 
there is ...)
-       TODO: check
+       - zookeeper <unfixed>
+       [bookworm] - zookeeper <not-affected> (Vulnerable code introduced later)
+       [bullseye] - zookeeper <not-affected> (Vulnerable code introduced later)
+       NOTE: https://lists.apache.org/thread/b3qrmpkto5r6989qr61fw9y2x646kqlh
+       NOTE: https://issues.apache.org/jira/browse/ZOOKEEPER-4851
+       NOTE: https://github.com/apache/zookeeper/pull/2181
+       NOTE: Introduced by: 
https://github.com/apache/zookeeper/commit/d79811bf28f00fb1db6ec6002e884af6cfd0d7fc
 (release-3.9.0-0)
+       NOTE: Fixed by: 
https://github.com/apache/zookeeper/commit/bd5be58c562ce992de8af43cdef0bdb34261a525
 (release-3.9.3-0)
+       NOTE: Followup to disable (X-Forwarded-For by default): 
https://github.com/apache/zookeeper/commit/67037ad9087b4e554f77427e88d40df1eb19d6d3
 (release-3.9.3-0)
 CVE-2024-51428 (An issue in Espressif Esp idf v5.3.0 allows attackers to cause 
a Denia ...)
        TODO: check
 CVE-2024-48954 (An issue was discovered in Logpoint before 7.5.0. Unvalidated 
input du ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bf644d6d758fb7e9f5e8dc83698b7d51c642ad3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bf644d6d758fb7e9f5e8dc83698b7d51c642ad3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to