[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Dec 8 20:12:51 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3147975a by security tracker role at 2024-12-08T20:12:45+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2024-12343 (A vulnerability classified as critical has been found in TP-Link VN020 ...)
+ TODO: check
CVE-2024-53473 (WeGIA 3.2.0 before 3998672 does not verify permission to change a pass ...)
TODO: check
CVE-2024-12342 (A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has ...)
@@ -4185,26 +4187,26 @@ CVE-2024-11477 (7-Zip Zstandard Decompression Integer Underflow Remote Code Exec
- p7zip <not-affected> (Vulnerable code not present)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
CVE-2024-11233 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
- {DSA-5819-1}
+ {DSA-5819-1 DLA-3986-1}
- php8.2 8.2.26-4 (bug #1088688)
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43
NOTE: https://github.com/php/php-src/commit/a6c84cd7efd7eaaaefd4463412508df570d35358 (php-8.2.26)
CVE-2024-11234 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
- {DSA-5819-1}
+ {DSA-5819-1 DLA-3986-1}
- php8.2 8.2.26-4 (bug #1088688)
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2
NOTE: https://github.com/php/php-src/commit/cf6700e86d6357420a7c8386da63d48fec55f633 (php-8.2.26)
CVE-2024-11236 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
- {DSA-5819-1}
+ {DSA-5819-1 DLA-3986-1}
- php8.2 8.2.26-4 (bug #1088688)
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv
NOTE: https://github.com/php/php-src/commit/7742f79a8a9c20522dbf40e1dc1d4ccad71d399c (php-8.2.26)
NOTE: https://github.com/php/php-src/commit/2dbe1425c5768faea2aa7bca26081dd208c94ac8 (php-8.2.26)
CVE-2024-8929 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
- {DSA-5819-1}
+ {DSA-5819-1 DLA-3986-1}
- php8.2 8.2.26-4 (bug #1088688)
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678
@@ -4212,7 +4214,7 @@ CVE-2024-8929 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* b
NOTE: Follow-up: https://github.com/php/php-src/commit/abc6de0ddec93564e9faa8065ac5756a1fbaf763 (php-8.2.26)
NOTE: Follow-up: https://github.com/php/php-src/commit/913031c844737d78a62c4af2aab1c3eeb7dc95bf (php-8.2.26)
CVE-2024-8932 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before ...)
- {DSA-5819-1}
+ {DSA-5819-1 DLA-3986-1}
- php8.2 8.2.26-4 (bug #1088688)
- php7.4 <removed>
NOTE: https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
@@ -125386,7 +125388,7 @@ CVE-2020-36728 (The Adning Advertising plugin for WordPress is vulnerable to fil
CVE-2020-36705 (The Adning Advertising plugin for WordPress is vulnerable to arbitrary ...)
NOT-FOR-US: Adning Advertising plugin for WordPress
CVE-2023-33865 (RenderDoc before 1.27 allows local privilege escalation via a symlink ...)
- {DLA-3501-1}
+ {DLA-3987-1 DLA-3501-1}
- renderdoc 1.27+dfsg-1 (bug #1037208)
[bookworm] - renderdoc <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
@@ -125396,7 +125398,7 @@ CVE-2023-33865 (RenderDoc before 1.27 allows local privilege escalation via a sy
NOTE: https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e (v1.27)
NOTE: https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b (v1.27)
CVE-2023-33864 (StreamReader::ReadFromExternal in RenderDoc before 1.27 allows an Inte ...)
- {DLA-3501-1}
+ {DLA-3987-1 DLA-3501-1}
- renderdoc 1.27+dfsg-1 (bug #1037208)
[bookworm] - renderdoc <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
@@ -125406,7 +125408,7 @@ CVE-2023-33864 (StreamReader::ReadFromExternal in RenderDoc before 1.27 allows a
NOTE: https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e (v1.27)
NOTE: https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b (v1.27)
CVE-2023-33863 (SerialiseValue in RenderDoc before 1.27 allows an Integer Overflow wit ...)
- {DLA-3501-1}
+ {DLA-3987-1 DLA-3501-1}
- renderdoc 1.27+dfsg-1 (bug #1037208)
[bookworm] - renderdoc <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3147975a90fad31a9e3c5984f6e91afea70fe81a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3147975a90fad31a9e3c5984f6e91afea70fe81a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241208/61fcf7fa/attachment.htm>
More information about the debian-security-tracker-commits
mailing list