[Git][security-tracker-team/security-tracker][master] Update CVE-2024-32498 and add CVE-2024-40767
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 23 13:58:20 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
17067937 by Salvatore Bonaccorso at 2024-07-23T14:57:43+02:00
Update CVE-2024-32498 and add CVE-2024-40767
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5076,12 +5076,16 @@ CVE-2023-51776 (Improper privilege management in Jungo WinDriver before 12.1.0 a
NOT-FOR-US: Jungo WinDriver
CVE-2023-39324
REJECTED
+CVE-2024-40767
+ - nova <not-affected> (Incomplete fix/regression never introduced in Debian as fix for CVE-2024-32498 complete)
CVE-2024-32498 (An issue was discovered in OpenStack Cinder through 24.0.0, Glance bef ...)
- cinder <unfixed> (bug #1074763)
- glance 2:28.0.1-3+deb12u1 (bug #1074761)
- - nova <unfixed> (bug #1074762)
+ - nova 2:29.0.2-4 (bug #1074762)
NOTE: https://www.openwall.com/lists/oss-security/2024/07/02/2
NOTE: https://bugs.launchpad.net/nova/+bug/2059809
+ NOTE: When fixing CVE-2024-33498 make sure to make the fix for src:nova complete to
+ NOTE: not introduce CVE-2024-40767.
CVE-2024-6172 (The Email Subscribers by Icegram Express \u2013 Email Marketing, Newsl ...)
NOT-FOR-US: WordPress plugin
CVE-2024-5938 (The Boot Store theme for WordPress is vulnerable to Stored Cross-Site ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17067937be2bc53045a1b1946439045ae41f93d5
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17067937be2bc53045a1b1946439045ae41f93d5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240723/f592e244/attachment.htm>
More information about the debian-security-tracker-commits
mailing list