[Git][security-tracker-team/security-tracker][master] Add CVE-2024-53259/golang-github-lucas-clemente-quic-go

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d647dce by Salvatore Bonaccorso at 2024-12-02T21:57:00+01:00
Add CVE-2024-53259/golang-github-lucas-clemente-quic-go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -121,7 +121,11 @@ CVE-2024-53459 (Sysax Multi Server 6.99 is vulnerable to Cross Site Scripting (X
 CVE-2024-53364 (A SQL injection vulnerability was found in PHPGURUKUL Vehicle Parking  ...)
 	NOT-FOR-US: PHPGURUKUL Vehicle Parking Management System
 CVE-2024-53259 (quic-go is an implementation of the QUIC protocol in Go. An off-path a ...)
-	TODO: check
+	- golang-github-lucas-clemente-quic-go <unfixed>
+	NOTE: https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr
+	NOTE: https://github.com/quic-go/quic-go/pull/4729
+	NOTE: https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50 (master)
+	NOTE: https://github.com/quic-go/quic-go/commit/34157e6455b07723d11385212a4e1328f57f1da5 (v0.48.2)
 CVE-2024-52806 (SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functio ...)
 	TODO: check
 CVE-2024-52732 (Incorrect access control in wms-Warehouse management system-zeqp v2.20 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d647dceec9bb1c5307bd601188e48f934178cbb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d647dceec9bb1c5307bd601188e48f934178cbb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241202/065f78f6/attachment.htm>