Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a681fa3 by Salvatore Bonaccorso at 2025-01-06T22:00:18+01:00
Add new suricata CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,21 +19,46 @@ CVE-2024-8474 (OpenVPN Connect before version 3.5.0 can
contain the configuratio
CVE-2024-56828 (File Upload vulnerability in ChestnutCMS through 1.5.0. Based
on the c ...)
TODO: check
CVE-2024-55629 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
- TODO: check
+ - suricata 1:7.0.8-1
+ NOTE:
https://github.com/OISF/suricata/security/advisories/GHSA-69wr-vhwg-84h2
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/870fe6ea192fb1069189d9319a3940e48a41488d
(suricata-7.0.8)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/c4d8790db85164714c92556fbc8e849e9df6355b
(suricata-7.0.8)
CVE-2024-55628 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
- TODO: check
+ - suricata 1:7.0.8-1
+ NOTE:
https://github.com/OISF/suricata/security/advisories/GHSA-96w4-jqwf-qx2j
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/19cf0f81335d9f787d587450f7105ad95a648951
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/37f4c52b22fcdde4adf9b479cb5700f89d00768d
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/3a5671739f5b25e5dd973a74ca5fd8ea40e1ae2d
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/58c41a7fa99f62d9a8688e970ab1a9b09c79723a
(suricata-7.0.8)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/5edb84fe234f47a0fedfbf9b10b49699152fe8cb
(suricata-7.0.8)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/71212b78bd1b7b841c9d9a907d0b3eea71a54060
(suricata-7.0.8)
CVE-2024-55627 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
- TODO: check
+ - suricata 1:7.0.8-1
+ NOTE:
https://github.com/OISF/suricata/security/advisories/GHSA-h2mv-7gg8-8x7v
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/282509f70c4ce805098e59535af445362e3e9ebd
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/8900041405dbb5f9584edae994af2100733fb4be
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/9a53ec43b13f0039a083950511a18bf6f408e432
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/0dc364aef2dec122fc0e7ee4c190864f4cc5f1bd
(suricata-7.0.8)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/949bfeca0e5f92212dc3d79f4a87c7c482d376aa
(suricata-7.0.8)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/7d47fcf7f7fefacd2b0d8f482534a83b35a3c45e
(suricata-7.0.8)
CVE-2024-55626 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
- TODO: check
+ - suricata 1:7.0.8-1
+ NOTE:
https://github.com/OISF/suricata/security/advisories/GHSA-wmg4-jqx5-4h9v
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/dd71ef0af222a566e54dfc479dd1951dd17d7ceb
(master)
+ NOTE: Fixed by:
https://github.com/OISF/suricata/commit/470795e65ba77cffba3aed850313a5f23c4b278d
(suricata-7.0.8)
CVE-2024-55605 (Suricata is a network Intrusion Detection System, Intrusion
Prevention ...)
- TODO: check
+ - suricata 1:7.0.8-1
+ NOTE:
https://github.com/OISF/suricata/security/advisories/GHSA-x2hr-33vp-w289
+ TODO: check fixing commits
CVE-2024-55529 (Z-BlogPHP 1.7.3 is vulnerable to arbitrary code execution via
\zb_user ...)
TODO: check
CVE-2024-55408 (An issue in the AsusSAIO.sys component of ASUS System Analysis
IO v1.0 ...)
TODO: check
CVE-2024-55407 (An issue in the DeviceloControl function of ITE Tech. Inc ITE
IO Acces ...)
TODO: check
+
CVE-2024-54880 (SeaCMS V13.1 is vulnerable to Incorrect Access Control. A
logic flaw c ...)
TODO: check
CVE-2024-54879 (SeaCMS V13.1 is vulnerable to Incorrect Access Control. A
logic flaw c ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a681fa39bde183301aa0d526e44c5234dbab653
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a681fa39bde183301aa0d526e44c5234dbab653
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
