[Git][security-tracker-team/security-tracker][master] Add CVE-2024-39929/exim4

Thu Jul 4 21:58:50 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb410a51 by Salvatore Bonaccorso at 2024-07-04T22:58:09+02:00
Add CVE-2024-39929/exim4

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,7 +27,10 @@ CVE-2024-39931 (Gogs through 0.13.0 allows deletion of internal files.)
 CVE-2024-39930 (The built-in SSH server of Gogs through 0.13.0 allows argument injecti ...)
 	NOT-FOR-US: Go Git Service
 CVE-2024-39929 (Exim through 4.97.1 misparses a multiline RFC 2231 header filename, an ...)
-	TODO: check
+	- exim4 <unfixed>
+	NOTE: https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357
+	NOTE: https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b
+	NOTE: https://bugs.exim.org/show_bug.cgi?id=3099#c4
 CVE-2024-39211 (Kaiten 57.128.8 allows remote attackers to enumerate user accounts via ...)
 	NOT-FOR-US: Kaiten
 CVE-2024-39165 (QR/demoapp/qr_image.php in Asial JpGraph Professional through 4.2.6-pr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb410a5107eefe18664a86fa860e461152c3169e

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb410a5107eefe18664a86fa860e461152c3169e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240704/f410d9e7/attachment-0001.htm>
