[Git][security-tracker-team/security-tracker][master] Remove bullseye entries which for three CVEs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Dec 7 19:28:33 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1b91bb8d by Salvatore Bonaccorso at 2024-12-07T20:26:59+01:00
Remove bullseye entries which for three CVEs
The CVEs got added retrospectively to the DLA entry, DLA-3909-1 in
61210e735e6c ("Update DLA-3909-1 to include the additionally fixed
CVEs.").
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2173,7 +2173,6 @@ CVE-2024-43784 (lakeFS is an open-source tool that transforms object storage int
NOT-FOR-US: lakeFS
CVE-2024-36467 (An authenticated user with API access (e.g.: user with default User ro ...)
- zabbix 1:7.0.2+dfsg-1 (bug #1088689)
- [bullseye] - zabbix 1:5.0.44+dfsg-1+deb11u1
NOTE: https://support.zabbix.com/browse/ZBX-25614
NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/dabb5dd27aa979657a5bd6077716ce60951e1552 (7.0.2rc1)
NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/cf14d079941a3161dedfc85b9f5c474ed2208c0b (7.0.2rc1)
@@ -2327,7 +2326,6 @@ CVE-2024-38830 (VMware Aria Operations contains a local privilege escalation vul
NOT-FOR-US: VMware
CVE-2024-36463 (The implementation of atob in "Zabbix JS" allows to create a string wi ...)
- zabbix 1:7.0.3+dfsg-1
- [bullseye] - zabbix 1:5.0.44+dfsg-1+deb11u1
NOTE: https://support.zabbix.com/browse/ZBX-25611
NOTE: Fixed by (merge commit): https://github.com/zabbix/zabbix/commit/223a21567b659366396781429a8d87009600784a (7.0.3rc1)
NOTE: Fixed by (merge commit): https://github.com/zabbix/zabbix/commit/b88db679a85bcc22d2f270bf0bf736f4649b445c (7.0.3rc1)
@@ -2337,7 +2335,6 @@ CVE-2024-32965 (Lobe Chat is an open-source, AI chat framework. Versions of lobe
NOT-FOR-US: Lobe Chat
CVE-2024-22117 (When a URL is added to the map element, it is recorded in the database ...)
- zabbix 1:7.0.5+dfsg-1
- [bullseye] - zabbix 1:5.0.44+dfsg-1+deb11u1
NOTE: https://support.zabbix.com/browse/ZBX-25610
NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/bcf43da8eaaafc03e53845085f5b87d8c858ac81 (7.0.4rc1)
NOTE: Fixed by: https://github.com/zabbix/zabbix/commit/73d694022cd8e3468d1fdb1dc672e8d0eb9a2fc3 (6.0.34rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b91bb8d505e3d7bfca6bb09bfd37bcfbd341dba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b91bb8d505e3d7bfca6bb09bfd37bcfbd341dba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241207/455e6de9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list