[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Dec 8 20:12:51 GMT 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3147975a by security tracker role at 2024-12-08T20:12:45+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2024-12343 (A vulnerability classified as critical has been found in TP-Link VN020 ...)
+	TODO: check
 CVE-2024-53473 (WeGIA 3.2.0 before 3998672 does not verify permission to change a pass ...)
 	TODO: check
 CVE-2024-12342 (A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has ...)
@@ -4185,26 +4187,26 @@ CVE-2024-11477 (7-Zip Zstandard Decompression Integer Underflow Remote Code Exec
 	- p7zip <not-affected> (Vulnerable code not present)
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
 CVE-2024-11233 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
-	{DSA-5819-1}
+	{DSA-5819-1 DLA-3986-1}
 	- php8.2 8.2.26-4 (bug #1088688)
 	- php7.4 <removed>
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43
 	NOTE: https://github.com/php/php-src/commit/a6c84cd7efd7eaaaefd4463412508df570d35358 (php-8.2.26)
 CVE-2024-11234 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
-	{DSA-5819-1}
+	{DSA-5819-1 DLA-3986-1}
 	- php8.2 8.2.26-4 (bug #1088688)
 	- php7.4 <removed>
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2
 	NOTE: https://github.com/php/php-src/commit/cf6700e86d6357420a7c8386da63d48fec55f633 (php-8.2.26)
 CVE-2024-11236 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
-	{DSA-5819-1}
+	{DSA-5819-1 DLA-3986-1}
 	- php8.2 8.2.26-4 (bug #1088688)
 	- php7.4 <removed>
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv
 	NOTE: https://github.com/php/php-src/commit/7742f79a8a9c20522dbf40e1dc1d4ccad71d399c (php-8.2.26)
 	NOTE: https://github.com/php/php-src/commit/2dbe1425c5768faea2aa7bca26081dd208c94ac8 (php-8.2.26)
 CVE-2024-8929 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
-	{DSA-5819-1}
+	{DSA-5819-1 DLA-3986-1}
 	- php8.2 8.2.26-4 (bug #1088688)
 	- php7.4 <removed>
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678
@@ -4212,7 +4214,7 @@ CVE-2024-8929 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* b
 	NOTE: Follow-up: https://github.com/php/php-src/commit/abc6de0ddec93564e9faa8065ac5756a1fbaf763 (php-8.2.26)
 	NOTE: Follow-up: https://github.com/php/php-src/commit/913031c844737d78a62c4af2aab1c3eeb7dc95bf (php-8.2.26)
 CVE-2024-8932 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
-	{DSA-5819-1}
+	{DSA-5819-1 DLA-3986-1}
 	- php8.2 8.2.26-4 (bug #1088688)
 	- php7.4 <removed>
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
@@ -125386,7 +125388,7 @@ CVE-2020-36728 (The Adning Advertising plugin for WordPress is vulnerable to fil
 CVE-2020-36705 (The Adning Advertising plugin for WordPress is vulnerable to arbitrary ...)
 	NOT-FOR-US: Adning Advertising plugin for WordPress
 CVE-2023-33865 (RenderDoc before 1.27 allows local privilege escalation via a symlink  ...)
-	{DLA-3501-1}
+	{DLA-3987-1 DLA-3501-1}
 	- renderdoc 1.27+dfsg-1 (bug #1037208)
 	[bookworm] - renderdoc <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
@@ -125396,7 +125398,7 @@ CVE-2023-33865 (RenderDoc before 1.27 allows local privilege escalation via a sy
 	NOTE: https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e (v1.27)
 	NOTE: https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b (v1.27)
 CVE-2023-33864 (StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Inte ...)
-	{DLA-3501-1}
+	{DLA-3987-1 DLA-3501-1}
 	- renderdoc 1.27+dfsg-1 (bug #1037208)
 	[bookworm] - renderdoc <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
@@ -125406,7 +125408,7 @@ CVE-2023-33864 (StreamReader::ReadFromExternal in RenderDoc before 1.27 allows a
 	NOTE: https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e (v1.27)
 	NOTE: https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b (v1.27)
 CVE-2023-33863 (SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow wit ...)
-	{DLA-3501-1}
+	{DLA-3987-1 DLA-3501-1}
 	- renderdoc 1.27+dfsg-1 (bug #1037208)
 	[bookworm] - renderdoc <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3147975a90fad31a9e3c5984f6e91afea70fe81a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3147975a90fad31a9e3c5984f6e91afea70fe81a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241208/61fcf7fa/attachment.htm>


More information about the debian-security-tracker-commits mailing list