[Git][security-tracker-team/security-tracker][master] Add CVE-2024-41184/keepalived

Thu Jul 18 20:23:06 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01fc743b by Salvatore Bonaccorso at 2024-07-18T21:21:18+02:00
Add CVE-2024-41184/keepalived

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,12 @@ CVE-2024-5964 (The Zenon Lite theme for WordPress is vulnerable to Stored Cross-
 CVE-2024-5726 (The Timeline Event History plugin for WordPress is vulnerable to PHP O ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-41184 (In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived th ...)
-	TODO: check
+	- keepalived <unfixed>
+	[bookworm] - keepalived <no-dsa> (Minor issue)
+	[bullseye] - keepalived <no-dsa> (Minor issue)
+	NOTE: https://github.com/acassen/keepalived/commit/e78513fe0ce5d83c226ea2c0bd222f375c2438e7
+	NOTE: https://github.com/acassen/keepalived/issues/2447#issuecomment-2231329734
+	NOTE: An empty ipset name must be explicitly configured by the user
 CVE-2024-40764 (Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allo ...)
 	NOT-FOR-US: SonicWall
 CVE-2024-40492 (Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01fc743b7678f2692e5a8d3019f46bb338397956

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01fc743b7678f2692e5a8d3019f46bb338397956
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240718/70bfd82b/attachment-0001.htm>
