[Git][security-tracker-team/security-tracker][master] zk spu
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Apr 16 16:55:06 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
12ebff45 by Moritz Mühlenhoff at 2024-04-16T17:54:30+02:00
zk spu
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -9764,6 +9764,8 @@ CVE-2024-28752 (A SSRF vulnerability using the Aegis DataBinding in versions of
NOT-FOR-US: Apache CXF
CVE-2024-23944 (Information disclosure in persistent watchers handling in Apache ZooKe ...)
- zookeeper 3.9.2-1 (bug #1066947)
+ [bookworm] - zookeeper <no-dsa> (Minor issue)
+ [bullseye] - zookeeper <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2024/03/14/2
NOTE: https://issues.apache.org/jira/browse/ZOOKEEPER-4799
NOTE: Fixed by: https://github.com/apache/zookeeper/commit/65b91d2d9a56157285c2a86b106e67c26520b01d (release-3.8.4-0)
=====================================
data/next-point-update.txt
=====================================
@@ -108,3 +108,5 @@ CVE-2021-31684
[bookworm] - json-smart 2.2-2+deb12u1
CVE-2023-1370
[bookworm] - json-smart 2.2-2+deb12u1
+CVE-2024-23944
+ [bookworm] - zookeeper 3.8.0-11+deb12u2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12ebff459dc96ee5ddfd4ed2e2183daaa264ed8f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12ebff459dc96ee5ddfd4ed2e2183daaa264ed8f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240416/25bf9179/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list