[Git][security-tracker-team/security-tracker][master] Track fixes via experimental for fastdds

Wed Apr 17 19:50:43 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
127f1704 by Salvatore Bonaccorso at 2024-04-17T20:49:21+02:00
Track fixes via experimental for fastdds

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9168,6 +9168,7 @@ CVE-2024-28392 (SQL injection vulnerability in pscartabandonmentpro v.2.0.11 and
 CVE-2024-28286 (In mz-automation libiec61850 v1.4.0, a NULL Pointer Dereference was de ...)
 	NOT-FOR-US: libIEC61850
 CVE-2024-28231 (eprosima Fast DDS is a C++ implementation of the Data Distribution Ser ...)
+	[experimental] - fastdds 2.14.0+ds-1
 	- fastdds <unfixed> (bug #1067393)
 	NOTE: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-9m2j-qw67-ph4w
 	NOTE: https://github.com/eProsima/Fast-DDS/commit/355706386f4af9ce74125eeec3c449b06113112b (v2.14.0)
@@ -9830,6 +9831,7 @@ CVE-2024-28248 (Cilium is a networking, observability, and security solution wit
 CVE-2024-28237 (OctoPrint provides a web interface for controlling consumer 3D printer ...)
 	NOT-FOR-US: OctoPrint
 CVE-2024-26369 (An issue in the HistoryQosPolicy component of FastDDS v2.12.x, v2.11.x ...)
+	[experimental] - fastdds 2.14.0+ds-1
 	- fastdds <unfixed> (bug #1067180)
 	NOTE: https://github.com/eProsima/Fast-DDS/issues/4365
 	NOTE: https://github.com/eProsima/Fast-DDS/pull/4375
@@ -12721,6 +12723,7 @@ CVE-2024-1224 (This vulnerability exists in USB Pratirodh due to the usage of a
 CVE-2024-1142 (Path Traversal in Sonatype IQ Server from version 143 allows remote au ...)
 	NOT-FOR-US: Sonatype
 CVE-2023-50716 (eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the  ...)
+	[experimental] - fastdds 2.14.0+ds-1
 	- fastdds <unfixed> (bug #1066119)
 	NOTE: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-5m2f-hvj2-cx2h
 CVE-2023-50167 (Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with ed ...)
@@ -17709,6 +17712,7 @@ CVE-2024-1344 (Encrypted database credentials in LaborOfficeFree affecting versi
 CVE-2024-1343 (A weak permission was found in the backup directory in LaborOfficeFree ...)
 	NOT-FOR-US: LaborOfficeFree
 CVE-2023-50257 (eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the  ...)
+	[experimental] - fastdds 2.14.0+ds-1
 	- fastdds <unfixed> (bug #1064515)
 	[bookworm] - fastdds <no-dsa> (Minor issue)
 	[bullseye] - fastdds <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/127f170491cbac3a1690c834aa12713b5a84c1e6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/127f170491cbac3a1690c834aa12713b5a84c1e6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240417/129fc4a8/attachment.htm>
