[Git][security-tracker-team/security-tracker][master] new rustls issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
97b773b8 by Moritz Muehlenhoff at 2024-04-22T14:04:08+02:00
new rustls issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -130,7 +130,12 @@ CVE-2024-32683 (Authorization Bypass Through User-Controlled Key vulnerability i
 CVE-2024-32652 (The adapter @hono/node-server allows you to run your Hono application  ...)
 	NOT-FOR-US: @hono/node-server
 CVE-2024-32650 (Rustls is a modern TLS library written in Rust. `rustls::ConnectionCom ...)
-	TODO: check
+	- rust-rustls <unfixed>
+	NOTE: github.com: https://github.com/rustls/rustls/security/advisories/GHSA-6g7w-8wpp-frhj
+	NOTE: github.com: https://github.com/rustls/rustls/commit/2123576840aa31043a31b0770e6572136fbe0c2d (v/0.23.5)
+	NOTE: github.com: https://github.com/rustls/rustls/commit/6e938bcfe82a9da7a2e1cbf10b928c7eca26426e (v/0.23.5)
+	NOTE: github.com: https://github.com/rustls/rustls/commit/f45664fbded03d833dffd806503d3c8becd1b71e (v/0.23.5)
+	NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0336.html
 CVE-2024-32644 (Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain tha ...)
 	NOT-FOR-US: Evmos
 CVE-2024-32478 (Git Credential Manager (GCM) is a secure Git credential helper. Prior  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97b773b80b1227e919829161854c071bef8585c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97b773b80b1227e919829161854c071bef8585c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240422/eab48ae9/attachment-0001.htm>