[Git][security-tracker-team/security-tracker][master] Add two new mbedtls CVEs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 27 20:20:25 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
60613a7b by Salvatore Bonaccorso at 2024-01-27T21:19:55+01:00
Add two new mbedtls CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4,6 +4,12 @@ CVE-2024-0960 (A vulnerability was found in flink-extended ai-flow 0.3.1. It has
TODO: check
CVE-2024-0959 (A vulnerability was found in StanfordVL GibsonEnv 0.3.1. It has been c ...)
TODO: check
+CVE-2024-23775 [Buffer overflow in mbedtls_x509_set_extension()]
+ - mbedtls 2.28.7-1
+ NOTE: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/
+CVE-2024-23170 [Timing side channel in private key RSA operations]
+ - mbedtls 2.28.7-1
+ NOTE: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/
CVE-2024-23506 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2024-22862 (Integer overflow vulnerability in FFmpeg before n6.1, allows remote at ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60613a7b619af58402ae45cfae512dbdc559b0c2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60613a7b619af58402ae45cfae512dbdc559b0c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240127/969855de/attachment.htm>
More information about the debian-security-tracker-commits
mailing list