[Git][security-tracker-team/security-tracker][master] Process some older chromium issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 18 19:59:46 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18139a4b by Salvatore Bonaccorso at 2024-07-18T20:59:12+02:00
Process some older chromium issues

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -195,7 +195,8 @@ CVE-2024-5582 (The Schema & Structured Data for WP & AMP plugin for WordPress is
 CVE-2024-5566 (An improper privilege management vulnerability allowed users to migrat ...)
 	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-5500 (Inappropriate implementation in Sign-In in Google Chrome prior to 1.3. ...)
-	TODO: check
+	- chromium 122.0.6261.57-1
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-5255 (The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-5254 (The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to ...)
@@ -219,11 +220,12 @@ CVE-2024-3175 (Insufficient data validation in Extensions in Google Chrome prior
 	{DSA-5573-1}
 	- chromium 120.0.6099.71-1
 CVE-2024-3174 (Inappropriate implementation in V8 in Google Chrome prior to 119.0.604 ...)
-	TODO: check
+	- chromium 119.0.6045.105-1
 CVE-2024-3173 (Insufficient data validation in Updater in Google Chrome prior to 120. ...)
-	TODO: check
+	- chromium 120.0.6099.71-1
 CVE-2024-3172 (Insufficient data validation in DevTools in Google Chrome prior to 121 ...)
-	TODO: check
+	- chromium 121.0.6167.85-1
+	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2024-3171 (Use after free in Accessibility in Google Chrome prior to 122.0.6261.5 ...)
 	TODO: check
 CVE-2024-3170 (Use after free in WebRTC in Google Chrome prior to 121.0.6167.85 allow ...)


=====================================
data/DSA/list
=====================================
@@ -370,7 +370,7 @@
 	[bullseye] - thunderbird 1:115.8.0-1~deb11u1
 	[bookworm] - thunderbird 1:115.8.0-1~deb12u1
 [23 Feb 2024] DSA-5629-1 chromium - security update
-	{CVE-2024-1669 CVE-2024-1670 CVE-2024-1671 CVE-2024-1672 CVE-2024-1673 CVE-2024-1674 CVE-2024-1675 CVE-2024-1676}
+	{CVE-2024-1669 CVE-2024-1670 CVE-2024-1671 CVE-2024-1672 CVE-2024-1673 CVE-2024-1674 CVE-2024-1675 CVE-2024-1676 CVE-2024-5500}
 	[bookworm] - chromium 122.0.6261.57-1~deb12u1
 [22 Feb 2024] DSA-5628-1 imagemagick - security update
 	{CVE-2021-3610 CVE-2022-1115 CVE-2023-1289 CVE-2023-1906 CVE-2023-3428 CVE-2023-5341 CVE-2023-34151}
@@ -449,7 +449,7 @@
 	[bullseye] - gst-plugins-bad1.0 1.18.4-3+deb11u4
 	[bookworm] - gst-plugins-bad1.0 1.22.0-4+deb12u5
 [24 Jan 2024] DSA-5607-1 chromium - security update
-	{CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807 CVE-2024-0808 CVE-2024-0809 CVE-2024-0810 CVE-2024-0811 CVE-2024-0812 CVE-2024-0813 CVE-2024-0814}
+	{CVE-2024-0804 CVE-2024-0805 CVE-2024-0806 CVE-2024-0807 CVE-2024-0808 CVE-2024-0809 CVE-2024-0810 CVE-2024-0811 CVE-2024-0812 CVE-2024-0813 CVE-2024-0814 CVE-2024-3172}
 	[bookworm] - chromium 121.0.6167.85-1~deb12u1
 [24 Jan 2024] DSA-5606-1 firefox-esr - security update
 	{CVE-2024-0741 CVE-2024-0742 CVE-2024-0746 CVE-2024-0747 CVE-2024-0749 CVE-2024-0750 CVE-2024-0751 CVE-2024-0753 CVE-2024-0755}
@@ -580,7 +580,7 @@
 	[bullseye] - libreoffice 1:7.0.4-4+deb11u8
 	[bookworm] - libreoffice 4:7.4.7-1+deb12u1
 [09 Dec 2023] DSA-5573-1 chromium - security update
-	{CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512 CVE-2024-3175}
+	{CVE-2023-6508 CVE-2023-6509 CVE-2023-6510 CVE-2023-6511 CVE-2023-6512 CVE-2024-3175 CVE-2024-3173}
 	[bullseye] - chromium 120.0.6099.71-1~deb11u1
 	[bookworm] - chromium 120.0.6099.71-1~deb12u1
 [04 Dec 2023] DSA-5572-1 roundcube - security update
@@ -680,7 +680,7 @@
 	[bullseye] - pmix 4.0.0-4.1+deb11u1
 	[bookworm] - pmix 4.2.2-1+deb12u1
 [02 Nov 2023] DSA-5546-1 chromium - security update
-	{CVE-2023-5480 CVE-2023-5482 CVE-2023-5849 CVE-2023-5850 CVE-2023-5851 CVE-2023-5852 CVE-2023-5853 CVE-2023-5854 CVE-2023-5855 CVE-2023-5856 CVE-2023-5857 CVE-2023-5858 CVE-2023-5859}
+	{CVE-2023-5480 CVE-2023-5482 CVE-2023-5849 CVE-2023-5850 CVE-2023-5851 CVE-2023-5852 CVE-2023-5853 CVE-2023-5854 CVE-2023-5855 CVE-2023-5856 CVE-2023-5857 CVE-2023-5858 CVE-2023-5859 CVE-2024-3174}
 	[bullseye] - chromium 119.0.6045.105-1~deb11u1
 	[bookworm] - chromium 119.0.6045.105-1~deb12u1
 [02 Nov 2023] DSA-5545-1 vlc - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18139a4b9d8967bf927202cef735cfb0e4186057

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18139a4b9d8967bf927202cef735cfb0e4186057
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240718/4a28c85c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list