[Git][security-tracker-team/security-tracker][master] Update details on CVE-2024-7701/percona-toolkit
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 26 08:13:23 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5d696b13 by Salvatore Bonaccorso at 2024-12-26T09:13:05+01:00
Update details on CVE-2024-7701/percona-toolkit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1662,8 +1662,11 @@ CVE-2024-11841 (The Tithe.ly Giving Button WordPress plugin through 1.1 does not
NOT-FOR-US: WordPress plugin
CVE-2024-7701 (Use of Password Hash With Insufficient Computational Effort vulnerabil ...)
- percona-toolkit <unfixed>
- NOTE: https://github.com/percona/percona-toolkit/blob/aa1ac0e6889168fddf73c3a72d447e9ea0c0c63b/src/go/pt-secure-collect/encrypt.go#L17
- TODO: check details on upstream reports
+ NOTE: https://github.com/percona/percona-toolkit/pull/896
+ NOTE: Fixed by: https://github.com/percona/percona-toolkit/commit/78f20304859ce8d6b236bc2c9c18d74c0b273dd7 (v3.7.0)
+ NOTE: Fixed by: https://github.com/percona/percona-toolkit/commit/3dd1f7da83f642a4e823a098cb4c97e6dc11f478 (v3.7.0)
+ NOTE: Fixed by: https://github.com/percona/percona-toolkit/commit/d661be484c5fae08efbad00ee684b8b3bee9e07a (v3.7.0)
+ NOTE: Fixed by: https://github.com/percona/percona-toolkit/commit/91fec36bac9aa710335e6bba54eed590cf530c18 (v3.7.0)
CVE-2024-11858 (A flaw was found in Radare2, which contains a command injection vulner ...)
- radare2 5.9.8+dfsg-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2329102
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d696b13daf232f615e8957d51c2860ff96d8d6a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d696b13daf232f615e8957d51c2860ff96d8d6a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241226/d7f9d510/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list