[Git][security-tracker-team/security-tracker][master] new azure-uamqp-python issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a1428f52 by Moritz Muehlenhoff at 2024-02-16T12:44:28+01:00
new azure-uamqp-python issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -952,7 +952,9 @@ CVE-2024-25112 (Exiv2 is a command-line utility and C++ library for reading, wri
 	NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/355afea485550e8214ac6b449fb210a7efb71365 (v0.28.2)
 	TODO: unclear range of affected versions: while the report claims it is new in v0.28.0 the QuickTimeVideo::multipleEntriesDecoder is present earlier
 CVE-2024-25110 (The UAMQP is a general purpose C library for AMQP 1.0. During a call t ...)
-	TODO: check
+	- azure-uamqp-python <unfixed>
+	NOTE: https://github.com/Azure/azure-uamqp-c/commit/30865c9ccedaa32ddb036e87a8ebb52c3f18f695
+	NOTE: https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-c646-4whf-r67v
 CVE-2024-25108 (Pixelfed is an open source photo sharing platform. When processing req ...)
 	NOT-FOR-US: Pixelfed
 CVE-2024-24935 (Cross-Site Request Forgery (CSRF) vulnerability in WpSimpleTools Basic ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1428f529aafad4e6a977d3c50d1513ce06e89db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1428f529aafad4e6a977d3c50d1513ce06e89db
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240216/8ee49764/attachment.htm>