[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-29507
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 4 20:55:30 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
44c91f32 by Salvatore Bonaccorso at 2024-07-04T21:54:46+02:00
Update status for CVE-2024-29507
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -116,9 +116,11 @@ CVE-2024-29508 (Artifex Ghostscript before 10.03.0 has a heap-based pointer disc
NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=ff1013a0ab485b66783b70145e342a82c670906a (ghostpdl-10.03.0)
CVE-2024-29507 (Artifex Ghostscript before 10.03.0 sometimes has a stack-based buffer ...)
- ghostscript 10.03.0~dfsg-1
+ [bullseye] - ghostscript <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=707510
NOTE: https://www.openwall.com/lists/oss-security/2024/07/03/7
- NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7745dbe24514710b0cfba925e608e607dee9eb0f (ghostpdl-10.03.0)
+ NOTE: Introduced with: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=316c3a08269212f1005709da64efcb383f8f5ce0 (ghostpdl-9.55.0rc1)
+ NOTE: Fixed by: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=7745dbe24514710b0cfba925e608e607dee9eb0f (ghostpdl-10.03.0)
CVE-2024-29506 (Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow i ...)
- ghostscript 10.03.0~dfsg-1
[bullseye] - ghostscript <not-affected> (Vulnerable code introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c91f3211b53fec20ad243b5df097f554ab2b8b
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c91f3211b53fec20ad243b5df097f554ab2b8b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240704/acc9ad28/attachment.htm>
More information about the debian-security-tracker-commits
mailing list