[Git][security-tracker-team/security-tracker][master] CVE-2024-28054/amavisd-new: clarify notes a little

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Sat Dec 21 13:18:13 GMT 2024 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
909f4ee4 by Sylvain Beucler at 2024-12-21T14:17:54+01:00
CVE-2024-28054/amavisd-new: clarify notes a little

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -80699,9 +80699,9 @@ CVE-2024-28054 (Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because o
 	NOTE: https://gitlab.com/amavis/amavis/commit/78c4b7076ebf1d711629a95860aae1bc0db5277a (v2.13.1)
 	NOTE: https://gitlab.com/amavis/amavis/commit/d921bc5208ce5b4e8f3e387a1d4e1f8fa4e85008 (v2.13.1)
 	NOTE: https://gitlab.com/amavis/amavis/commit/c6c4a4c27c60194b68b617b7d3cfb033d6c587e2 (v2.13.1)
-	NOTE: Patched amavisd-new version can use MIME::Entity->ambiguous_content if available
-	NOTE: to get help on detecting an an ambiguous email or use an own ambiguous_content
-	NOTE: check if the available MIME::Tools are too old.
+	NOTE: Patched amavisd-new version uses MIME::Entity->ambiguous_content if available
+	NOTE: to get help on detecting an an ambiguous email, or uses its own ambiguous_content
+	NOTE: check if the available MIME::Tools are too old (<5.514).
 CVE-2024-28752 (A SSRF vulnerability using the Aegis DataBinding in versions of Apache ...)
 	NOT-FOR-US: Apache CXF
 CVE-2024-23944 (Information disclosure in persistent watchers handling in Apache ZooKe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/909f4ee4ab88af057ee8975db0bf06cab6defa2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/909f4ee4ab88af057ee8975db0bf06cab6defa2e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241221/6aaf64f7/attachment.htm>

More information about the debian-security-tracker-commits mailing list