[Git][security-tracker-team/security-tracker][master] 2 commits: Add additional information to recently referenced commits
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 8 18:37:08 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d502b03b by Salvatore Bonaccorso at 2024-08-08T18:46:28+02:00
Add additional information to recently referenced commits
- - - - -
c6bc6c66 by Salvatore Bonaccorso at 2024-08-08T19:35:53+02:00
Add reference for upstream bug for CVE-2024-6782/calibre
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -697,8 +697,9 @@ CVE-2024-6782 (Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthent
- calibre 7.16.0+ds-1
[bullseye] - calibre <not-affected> (Vulnerable code not present)
NOTE: https://starlabs.sg/advisories/24/24-6782/
- NOTE: https://github.com/kovidgoyal/calibre/commit/38a1bf50d8cd22052ae59c513816706c6445d5e9 (v7.16.0)
- NOTE: Introduced in https://github.com/kovidgoyal/calibre/commit/1ecb96d76a7ff5269b3a85472cc64fe834407b60 (v6.9.0)
+ NOTE: https://bugs.launchpad.net/calibre/+bug/2075128
+ NOTE: Fixed by: https://github.com/kovidgoyal/calibre/commit/38a1bf50d8cd22052ae59c513816706c6445d5e9 (v7.16.0)
+ NOTE: Introduced in: https://github.com/kovidgoyal/calibre/commit/1ecb96d76a7ff5269b3a85472cc64fe834407b60 (v6.9.0)
CVE-2024-6781 (Path traversal in Calibre <= 7.14.0 allow unauthenticated attackers to ...)
- calibre 7.16.0+ds-1
NOTE: https://starlabs.sg/advisories/24/24-6781/
@@ -24817,8 +24818,8 @@ CVE-2024-32465 (Git is a revision control system. The Git project recommends to
{DLA-3844-1}
- git 1:2.45.1-1 (bug #1071160)
NOTE: https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4
- NOTE: https://github.com/git/git/commit/5c5a4a1c05932378d259b1fdd9526cab971656a2
- NOTE: https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7
+ NOTE: Prerequsite for test: https://github.com/git/git/commit/5c5a4a1c05932378d259b1fdd9526cab971656a2
+ NOTE: Fixed by: https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7
CVE-2024-32355 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
NOT-FOR-US: TOTOLINK
CVE-2024-32354 (TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a co ...)
@@ -24876,9 +24877,9 @@ CVE-2024-32002 (Git is a revision control system. Prior to versions 2.45.1, 2.44
{DLA-3844-1}
- git 1:2.45.1-1 (bug #1071160)
NOTE: https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv
- NOTE: https://github.com/git/git/commit/b20c10fd9b035f46e48112d2cd33d7cb740012b6
- NOTE: https://github.com/git/git/commit/906fc557b70b2b2995785c9b37e212d2f86b469e
- NOTE: https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d
+ NOTE: Additional useful test: https://github.com/git/git/commit/b20c10fd9b035f46e48112d2cd33d7cb740012b6
+ NOTE: Requisite: https://github.com/git/git/commit/906fc557b70b2b2995785c9b37e212d2f86b469e
+ NOTE: Fixed by: https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d
CVE-2024-31980 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
NOT-FOR-US: Siemens
CVE-2024-31491 (A client-side enforcement of server-side security in Fortinet FortiSan ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9f21a4552a325f70884b9a339596ccc7eb81cbcf...c6bc6c66cd99e70a7b22ee50d1657fdc1bd15395
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9f21a4552a325f70884b9a339596ccc7eb81cbcf...c6bc6c66cd99e70a7b22ee50d1657fdc1bd15395
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240808/f98b62ce/attachment.htm>
More information about the debian-security-tracker-commits
mailing list