Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0868d13f by Thorsten Alteholz at 2026-01-23T14:36:49+01:00
add some note for CVE-2024-45508
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -166483,6 +166483,10 @@ CVE-2024-45508 (HTMLDOC before 1.9.19 has an
out-of-bounds write in parse_paragr
[bullseye] - htmldoc <postponed> (Minor issue)
NOTE: https://github.com/michaelrsweet/htmldoc/issues/528
NOTE:
https://github.com/michaelrsweet/htmldoc/commit/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2
+ NOTE: in issue #528 a regression was mentioned that should be fixed by:
+ NOTE:
https://github.com/michaelrsweet/htmldoc/commit/aaffa753c0dfe1b82a43051847f77c582e32a235
+ NOTE: but this commit is basically a revert of the initial fix
+ NOTE: attention: in version 1.9.19 a new string pool was introduced
CVE-2024-45270 (WordPress plugin "Carousel Slider" provided by Sayful Islam
contains a ...)
NOT-FOR-US: WordPress plugin
CVE-2024-45269 (WordPress plugin "Carousel Slider" provided by Sayful Islam
contains a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0868d13f0a17363777fbdb9687dbfe2ddbb3d82c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0868d13f0a17363777fbdb9687dbfe2ddbb3d82c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
