[Git][security-tracker-team/security-tracker][master] Add CVE-2024-39695/exiv2
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 9 19:54:30 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e6e6ac45 by Salvatore Bonaccorso at 2024-07-09T20:53:52+02:00
Add CVE-2024-39695/exiv2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -230,7 +230,11 @@ CVE-2024-39701 (Directus is a real-time API and App dashboard for managing SQL d
CVE-2024-39699 (Directus is a real-time API and App dashboard for managing SQL databas ...)
NOT-FOR-US: Directus
CVE-2024-39695 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- TODO: check
+ - exiv2 <not-affected> (Vulnerable code not present)
+ NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-38rv-8x93-pvrh
+ NOTE: https://github.com/Exiv2/exiv2/pull/3006
+ NOTE: Introduced after: https://github.com/Exiv2/exiv2/commit/cb7a48f84aeb30251caae909901555dffa4e9fcb (v0.28.0)
+ NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/3a28346db5ae1735a8728fe3491b0aecc1dbf387 (v0.28.3)
CVE-2024-39677 (NHibernate is an object-relational mapper for the .NET framework. A SQ ...)
TODO: check
CVE-2024-39312 (Botan is a C++ cryptography library. X.509 certificates can identify e ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6e6ac45a618471bca6adb03dea8d5682d3afc6a
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6e6ac45a618471bca6adb03dea8d5682d3afc6a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240709/667151ae/attachment.htm>
More information about the debian-security-tracker-commits
mailing list