Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8f9c9759 by Salvatore Bonaccorso at 2024-12-03T20:44:11+01:00
Update tracking for CVE-2024-36620
No Debian released version (in unstable, but neither in experimental)
was ever affected in a version between v25.0.0-beta.1 and v26.1.0. Thus
mark the whole entry as not-affected.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -667,9 +667,7 @@ CVE-2024-36621 (moby v25.0.5 is affected by a Race
Condition in builder/builder-
- docker.io 26.1.4+dfsg1-9
NOTE:
https://github.com/moby/moby/commit/37545cc644344dcb576cba67eb7b6f51a463d31e
(v26.0.0-rc2)
CVE-2024-36620 (moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer
Dereference via d ...)
- - docker.io 26.1.4+dfsg1-9
- [bookworm] - docker.io <not-affected> (Vulnerable code not present)
- [bullseye] - docker.io <not-affected> (Vulnerable code not present)
+ - docker.io <not-affected> (Vunerable code never present in a Debian
released Version)
NOTE:
https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4
(v26.1.0)
NOTE: Introduced in
https://github.com/moby/moby/commit/2a6ff3c24fd790e5d42d2eabaf6acf06edfe6975
(v25.0.0-beta.1)
CVE-2024-36619 (FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the
libavco ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f9c975918dc9347d6f4351cbe9236da6d2ea41c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f9c975918dc9347d6f4351cbe9236da6d2ea41c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
