[Git][security-tracker-team/security-tracker][master] add links to additional commits worth backporting for git fixes

Sean Whitton (@spwhitton) spwhitton at debian.org
Thu Aug 8 07:45:19 BST 2024 


Sean Whitton pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a7e3429d by Sean Whitton at 2024-08-08T14:44:52+08:00
add links to additional commits worth backporting for git fixes

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24728,6 +24728,7 @@ CVE-2024-32465 (Git is a revision control system. The Git project recommends to
 	{DLA-3844-1}
 	- git 1:2.45.1-1 (bug #1071160)
 	NOTE: https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4
+	NOTE: https://github.com/git/git/commit/5c5a4a1c05932378d259b1fdd9526cab971656a2
 	NOTE: https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7
 CVE-2024-32355 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
 	NOT-FOR-US: TOTOLINK
@@ -24786,6 +24787,8 @@ CVE-2024-32002 (Git is a revision control system. Prior to versions 2.45.1, 2.44
 	{DLA-3844-1}
 	- git 1:2.45.1-1 (bug #1071160)
 	NOTE: https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv
+	NOTE: https://github.com/git/git/commit/b20c10fd9b035f46e48112d2cd33d7cb740012b6
+	NOTE: https://github.com/git/git/commit/906fc557b70b2b2995785c9b37e212d2f86b469e
 	NOTE: https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d
 CVE-2024-31980 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
 	NOT-FOR-US: Siemens
@@ -415198,6 +415201,7 @@ CVE-2019-1387 (An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21
 	- git 1:2.24.0-2
 	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
 	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
+	NOTE: follow-up fix: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9cf85473209ea8ae2b56c13145c4704d12ee1374
 CVE-2019-1386
 	REJECTED
 CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows AppX D ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7e3429d5bfc15ab77cd65404bdccb475dc60e87

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7e3429d5bfc15ab77cd65404bdccb475dc60e87
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240808/5d26b4eb/attachment.htm>

More information about the debian-security-tracker-commits mailing list