[Git][security-tracker-team/security-tracker][master] Add CVE-2024-34703/botan

Mon Jul 1 21:01:24 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4e5e639d by Salvatore Bonaccorso at 2024-07-01T22:00:11+02:00
Add CVE-2024-34703/botan

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,7 +50,10 @@ CVE-2024-3122 (CHANGING Mobile One Time Password does not properly filter parame
 CVE-2024-38480 ("Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard ...)
 	NOT-FOR-US: "Piccoma" App for Android and iOS
 CVE-2024-34703 (Botan is a C++ cryptography library. X.509 certificates can identify e ...)
-	TODO: check
+	- botan 2.19.4+dfsg-1
+	NOTE: https://github.com/randombit/botan/security/advisories/GHSA-w4g2-7m2h-7xj7
+	NOTE: https://github.com/randombit/botan/commit/fbe9ec578a8548958677224d2e60d2c2c838bc9a (3.3.0)
+	NOTE: https://github.com/randombit/botan/commit/94e9154c143aa5264da6254a6a1be5bc66ee2b5a (2.19.4)
 CVE-2024-20081 (In gnss service, there is a possible out of bounds write due to improp ...)
 	NOT-FOR-US: MediaTek
 CVE-2024-20080 (In gnss service, there is a possible escalation of privilege due to im ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e5e639d1d39ff51b6a9e877e487756a9cd6a127

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e5e639d1d39ff51b6a9e877e487756a9cd6a127
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240701/8e926c07/attachment-0001.htm>
