[Git][security-tracker-team/security-tracker][master] Add two issues in arm-trusted-firmware

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 8 21:28:16 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a8b51796 by Salvatore Bonaccorso at 2024-07-08T22:27:38+02:00
Add two issues in arm-trusted-firmware

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,13 @@
 CVE-2024-6580 (The /n software IPWorks SSH library SFTPServer component can be induce ...)
 	NOT-FOR-US: /n software IPWorks SSH library SFTPServer component
 CVE-2024-6564 (Buffer overflow in "rcar_dev_init"  due to using due to using untruste ...)
-	TODO: check
+	- arm-trusted-firmware <unfixed>
+	NOTE: https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2
+	NOTE: https://asrg.io/security-advisories/cve-2024-6564/
 CVE-2024-6563 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
-	TODO: check
+	- arm-trusted-firmware <unfixed>
+	NOTE: https://github.com/renesas-rcar/arm-trusted-firmware/commit/235f85b654a031f7647e81b86fc8e4ffeb430164
+	NOTE: https://asrg.io/security-advisories/cve-2024-6563/
 CVE-2024-6227 (A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to c ...)
 	NOT-FOR-US: aimhubio/aim
 CVE-2024-6163 (Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, <  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8b51796b883d4b97e5d2dd16554a3a43c3e468a

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a8b51796b883d4b97e5d2dd16554a3a43c3e468a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240708/4f9bda4d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list