[Git][security-tracker-team/security-tracker][master] CVE-2023-52340/linux
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 41946219 by Salvatore Bonaccorso at 2024-01-29T07:49:22+01:00 CVE-2023-52340/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,6 @@ +CVE-2023-52340 [ipv6: remove max_size check inline with ipv4] + - linux 6.3.7-1 + NOTE: https://git.kernel.org/linus/af6d10345ca76670c1b7c37799f0d5576ccef277 (6.3-rc1) CVE-2024-0841 (A null pointer dereference flaw was found in the hugetlbfs_fill_super ...) - linux NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2256490 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41946219cde78abe0aa5ece42cef0cbcc305107d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41946219cde78abe0aa5ece42cef0cbcc305107d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add node
Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker Commits: d85c571e by Daniel Leidert at 2024-01-29T00:51:38+01:00 Add node - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -187,6 +187,7 @@ putty (santiago) python-asyncssh (dleidert) NOTE: 20240116: Added by Front-Desk (lamby) NOTE: 20240123: Patch for CVE-2023-46445 and CVE-2023-46446 backported, but one test is failing. (dleidert) + NOTE: 20240127: Patch for CVE-2023-48795 working. Upload to come in the next days. (dleidert) -- python-django (Chris Lamb) NOTE: 20231006: Added by Front-Desk (Beuc) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d85c571ed40a323402ffc6c22ff9329a95a17200 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d85c571ed40a323402ffc6c22ff9329a95a17200 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: 9070cc46 by Thorsten Alteholz at 2024-01-28T23:33:55+01:00 update note - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -36,6 +36,7 @@ atril -- bind9 (Thorsten Alteholz) NOTE: 20230921: Added by Front-Desk (apo) + NOTE: 20240128: was distracted and need another few days for upload -- cacti (Sylvain Beucler) NOTE: 20230906: Added by Front-Desk (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9070cc460087ff176db3aa2f35cdf4830435bd65 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9070cc460087ff176db3aa2f35cdf4830435bd65 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Take curl
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker Commits: eb154028 by Bastien Roucariès at 2024-01-28T21:02:41+00:00 Take curl - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -53,7 +53,7 @@ cinder NOTE: 20230525: Added by Front-Desk (lamby) NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder. -- -curl +curl (rouca) NOTE: 20231229: Added by Front-Desk (lamby) NOTE: 20231229: CVE-2023-27534 fixed in bullseye via DSA or point release. (lamby) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb154028231acac3b5c4b137b0bb6514ef89408f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb154028231acac3b5c4b137b0bb6514ef89408f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-6200/linux
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 500454d1 by Salvatore Bonaccorso at 2024-01-28T21:26:44+01:00 Add CVE-2023-6200/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2,7 +2,11 @@ CVE-2024-0841 (A null pointer dereference flaw was found in the hugetlbfs_fill_s - linux NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2256490 CVE-2023-6200 (A race condition was found in the Linux Kernel. Under certain conditio ...) - TODO: check + - linux 6.6.9-1 + [bookworm] - linux (Vulnerable code not present) + [bullseye] - linux (Vulnerable code not present) + [buster] - linux (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/dade3f6a1e4e35a5ae916d5e78b3229ec34c78ec (6.7-rc7) CVE-2024-23743 (An issue in Notion for macOS version 3.1.0 and before, allows remote a ...) NOT-FOR-US: Notion for macOS CVE-2024-23742 (An issue in Loom on macOS version 0.196.1 and before, allows remote at ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500454d116cd4f768764ea6fc58c45cc491683d6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/500454d116cd4f768764ea6fc58c45cc491683d6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-0841/linux
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f7e7376d by Salvatore Bonaccorso at 2024-01-28T21:22:23+01:00 Add CVE-2024-0841/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,5 +1,6 @@ CVE-2024-0841 (A null pointer dereference flaw was found in the hugetlbfs_fill_super ...) - TODO: check + - linux + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2256490 CVE-2023-6200 (A race condition was found in the Linux Kernel. Under certain conditio ...) TODO: check CVE-2024-23743 (An issue in Notion for macOS version 3.1.0 and before, allows remote a ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7e7376d385160b9943ffec6059134df86e55249 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7e7376d385160b9943ffec6059134df86e55249 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-0962/libcoap3
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 66dc588d by Salvatore Bonaccorso at 2024-01-28T21:17:04+01:00 Add Debian bug reference for CVE-2024-0962/libcoap3 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -15,7 +15,7 @@ CVE-2024-23739 (An issue in Discord for macOS version 0.0.291 and before, allows CVE-2024-23738 (An issue in Postman version 10.22 and before on macOS allows a remote ...) NOT-FOR-US: Postman on MacOS CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been rated as ...) - - libcoap3 + - libcoap3 (bug #1061704) [bookworm] - libcoap3 (Vulnerable code not present) - libcoap2 (Vulnerable code not present) - libcoap (Vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66dc588d0475f52984d9550a19e1e8fc1996594c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66dc588d0475f52984d9550a19e1e8fc1996594c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-0962/libcoap3
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 87897720 by Salvatore Bonaccorso at 2024-01-28T21:15:14+01:00 Update information for CVE-2024-0962/libcoap3 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -16,11 +16,13 @@ CVE-2024-23738 (An issue in Postman version 10.22 and before on macOS allows a r NOT-FOR-US: Postman on MacOS CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been rated as ...) - libcoap3 + [bookworm] - libcoap3 (Vulnerable code not present) - libcoap2 (Vulnerable code not present) - libcoap (Vulnerable code not present) NOTE: https://github.com/obgm/libcoap/issues/1310 NOTE: https://github.com/obgm/libcoap/issues/1310#issue-2099860835 NOTE: https://github.com/obgm/libcoap/pull/1311 + NOTE: Introduced by: https://github.com/obgm/libcoap/commit/dac6bd3b603fc8a37fe80f8a459d82c79feebad0 (v4.3.2-rc1) NOTE: Fixed by: https://github.com/obgm/libcoap/commit/2b28d8b0e9607e71a145345b4fe49517e052b7d9 CVE-2024-0960 (A vulnerability was found in flink-extended ai-flow 0.3.1. It has been ...) NOT-FOR-US: flink-extended ai-flow View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87897720c83a1f914c13d864273f1093585915ae -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87897720c83a1f914c13d864273f1093585915ae You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 920ab6c0 by security tracker role at 2024-01-28T20:11:41+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,7 @@ +CVE-2024-0841 (A null pointer dereference flaw was found in the hugetlbfs_fill_super ...) + TODO: check +CVE-2023-6200 (A race condition was found in the Linux Kernel. Under certain conditio ...) + TODO: check CVE-2024-23743 (An issue in Notion for macOS version 3.1.0 and before, allows remote a ...) NOT-FOR-US: Notion for macOS CVE-2024-23742 (An issue in Loom on macOS version 0.196.1 and before, allows remote at ...) @@ -8638,21 +8642,25 @@ CVE-2023-49934 (An issue was discovered in SchedMD Slurm 23.11.x. There is SQL I - slurm-llnl (Vulnerable code introduced in 23.11 series) NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html CVE-2023-49933 (An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x ...) + {DSA-5609-1} - slurm-wlm (bug #1058720) - slurm-llnl [buster] - slurm-llnl (EOL in buster LTS) NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html CVE-2023-49937 (An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x ...) + {DSA-5609-1} - slurm-wlm (bug #1058720) - slurm-llnl [buster] - slurm-llnl (EOL in buster LTS) NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html CVE-2023-49936 (An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x ...) + {DSA-5609-1} - slurm-wlm (bug #1058720) - slurm-llnl [buster] - slurm-llnl (EOL in buster LTS) NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2023/000103.html CVE-2023-49938 (An issue was discovered in SchedMD Slurm 22.05.x and 23.02.x. There is ...) + {DSA-5609-1} - slurm-wlm (bug #1058720) - slurm-llnl [buster] - slurm-llnl (EOL in buster LTS) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920ab6c040783c2c2f1a9589ff82f43f88cbc3b1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/920ab6c040783c2c2f1a9589ff82f43f88cbc3b1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add note about sudo
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker Commits: 2054e7b1 by Bastien Roucariès at 2024-01-28T14:32:22+00:00 Add note about sudo - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -258,6 +258,8 @@ squid -- sudo (rouca) NOTE: 20231224: Added by Front-Desk (ta) + NOTE: 20240128: Wait for review by sudo team (rouca) + NOTE: 20240128: Ported test suite (rouca) -- suricata (Adrian Bunk) NOTE: 20230620: Added by Front-Desk (Beuc) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2054e7b1f1a530f72f9e8375b50d2ee02166ae42 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2054e7b1f1a530f72f9e8375b50d2ee02166ae42 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Note proposed contribution for ruby-sanitize
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7a17141e by Salvatore Bonaccorso at 2024-01-28T14:18:09+01:00 Note proposed contribution for ruby-sanitize - - - - - 1 changed file: - data/dsa-needed.txt Changes: = data/dsa-needed.txt = @@ -72,6 +72,7 @@ ruby-nokogiri/oldstable ruby-rails-html-sanitizer -- ruby-sanitize + Abhijith PA proposed an update for review for bookworm-security, asked back for bullseye-security -- ruby-sinatra/oldstable Maintainer posted packaging repository link with proposed changes for review View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a17141e06a3b3df1e5b823cb17b95cb0e7ab98f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a17141e06a3b3df1e5b823cb17b95cb0e7ab98f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for slurm-wlm update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d73f0d3b by Salvatore Bonaccorso at 2024-01-28T13:28:21+01:00 Reserve DSA number for slurm-wlm update - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes: = data/DSA/list = @@ -1,3 +1,6 @@ +[28 Jan 2024] DSA-5609-1 slurm-wlm - security update + {CVE-2023-49933 CVE-2023-49936 CVE-2023-49937 CVE-2023-49938} + [bookworm] - slurm-wlm 22.05.8-4+deb12u2 [27 Jan 2024] DSA-5608-1 gst-plugins-bad1.0 - security update {CVE-2024-0444} [bullseye] - gst-plugins-bad1.0 1.18.4-3+deb11u4 = data/dsa-needed.txt = @@ -83,9 +83,6 @@ salt/oldstable samba/oldstable santiago started to backport patches to bullseye -- -slurm-wlm (carnil) - Gennaro Oliva prepared an update --- squid (apo) -- varnish View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d73f0d3bb576cc3c3dcbf4e9a2a29b0492213aa3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d73f0d3bb576cc3c3dcbf4e9a2a29b0492213aa3 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add three new ffmpeg issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2a0325f4 by Salvatore Bonaccorso at 2024-01-28T10:50:23+01:00 Add three new ffmpeg issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -31,11 +31,19 @@ CVE-2024-23170 [Timing side channel in private key RSA operations] CVE-2024-23506 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...) NOT-FOR-US: WordPress plugin CVE-2024-22862 (Integer overflow vulnerability in FFmpeg before n6.1, allows remote at ...) - TODO: check + - ffmpeg 7:6.1-1 + NOTE: https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7 (n6.1) + NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62113 + TODO: check details for older versions CVE-2024-22861 (Integer overflow vulnerability in FFmpeg before n6.1, allows attackers ...) - TODO: check + - ffmpeg 7:6.1-1 + NOTE: https://github.com/FFmpeg/FFmpeg/commit/87b8c1081959e45ffdcbabb3d53ac9882ef2b5ce (n6.1) + TODO: check details for older versions CVE-2024-22860 (Integer overflow vulnerability in FFmpeg before n6.1, allows remote at ...) - TODO: check + - ffmpeg 7:6.1-1 + NOTE: https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5 (n6.1) + NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61991 + TODO: check details for older versions CVE-2024-22283 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) NOT-FOR-US: WordPress plugin CVE-2024-22147 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a0325f456029441ff7437a44908ce6af6f69c2c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a0325f456029441ff7437a44908ce6af6f69c2c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-0962/libcoap3
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 69781da3 by Salvatore Bonaccorso at 2024-01-28T09:46:51+01:00 Add CVE-2024-0962/libcoap3 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -11,7 +11,13 @@ CVE-2024-23739 (An issue in Discord for macOS version 0.0.291 and before, allows CVE-2024-23738 (An issue in Postman version 10.22 and before on macOS allows a remote ...) NOT-FOR-US: Postman on MacOS CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been rated as ...) - TODO: check + - libcoap3 + - libcoap2 (Vulnerable code not present) + - libcoap (Vulnerable code not present) + NOTE: https://github.com/obgm/libcoap/issues/1310 + NOTE: https://github.com/obgm/libcoap/issues/1310#issue-2099860835 + NOTE: https://github.com/obgm/libcoap/pull/1311 + NOTE: Fixed by: https://github.com/obgm/libcoap/commit/2b28d8b0e9607e71a145345b4fe49517e052b7d9 CVE-2024-0960 (A vulnerability was found in flink-extended ai-flow 0.3.1. It has been ...) NOT-FOR-US: flink-extended ai-flow CVE-2024-0959 (A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been c ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69781da32dd9acde8f4cd49c5a85551a70af6fb7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/69781da32dd9acde8f4cd49c5a85551a70af6fb7 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8c2645b6 by Salvatore Bonaccorso at 2024-01-28T09:34:33+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,21 +1,21 @@ CVE-2024-23743 (An issue in Notion for macOS version 3.1.0 and before, allows remote a ...) - TODO: check + NOT-FOR-US: Notion for macOS CVE-2024-23742 (An issue in Loom on macOS version 0.196.1 and before, allows remote at ...) - TODO: check + NOT-FOR-US: Loom on macOS CVE-2024-23741 (An issue in Hyper on macOS version 3.4.1 and before, allows remote att ...) - TODO: check + NOT-FOR-US: Hyper on macOS CVE-2024-23740 (An issue in Kap for macOS version 3.6.0 and before, allows remote atta ...) - TODO: check + NOT-FOR-US: Kap for macOS CVE-2024-23739 (An issue in Discord for macOS version 0.0.291 and before, allows remot ...) - TODO: check + NOT-FOR-US: Discord for macOS CVE-2024-23738 (An issue in Postman version 10.22 and before on macOS allows a remote ...) - TODO: check + NOT-FOR-US: Postman on MacOS CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been rated as ...) TODO: check CVE-2024-0960 (A vulnerability was found in flink-extended ai-flow 0.3.1. It has been ...) - TODO: check + NOT-FOR-US: flink-extended ai-flow CVE-2024-0959 (A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been c ...) - TODO: check + NOT-FOR-US: StanfordVL GibsonEnv CVE-2024-23775 [Buffer overflow in mbedtls_x509_set_extension()] - mbedtls 2.28.7-1 NOTE: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c2645b687e6e45e56b62e12ec1489e36ce7d7fa -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c2645b687e6e45e56b62e12ec1489e36ce7d7fa You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 679dae1b by security tracker role at 2024-01-28T08:11:46+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,15 @@ +CVE-2024-23743 (An issue in Notion for macOS version 3.1.0 and before, allows remote a ...) + TODO: check +CVE-2024-23742 (An issue in Loom on macOS version 0.196.1 and before, allows remote at ...) + TODO: check +CVE-2024-23741 (An issue in Hyper on macOS version 3.4.1 and before, allows remote att ...) + TODO: check +CVE-2024-23740 (An issue in Kap for macOS version 3.6.0 and before, allows remote atta ...) + TODO: check +CVE-2024-23739 (An issue in Discord for macOS version 0.0.291 and before, allows remot ...) + TODO: check +CVE-2024-23738 (An issue in Postman version 10.22 and before on macOS allows a remote ...) + TODO: check CVE-2024-0962 (A vulnerability was found in obgm libcoap 4.3.4. It has been rated as ...) TODO: check CVE-2024-0960 (A vulnerability was found in flink-extended ai-flow 0.3.1. It has been ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/679dae1b219005ac31d6269808c90fe8a3daff73 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/679dae1b219005ac31d6269808c90fe8a3daff73 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits