[Git][security-tracker-team/security-tracker][master] Add CVE-2024-40897/orc
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 26 13:11:04 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
85d6fc54 by Salvatore Bonaccorso at 2024-07-26T14:10:13+02:00
Add CVE-2024-40897/orc
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29,7 +29,8 @@ CVE-2024-41473 (Tenda FH1201 v1.2.0.14 was discovered to contain a command injec
CVE-2024-41468 (Tenda FH1201 v1.2.0.14 was discovered to contain a command injection v ...)
NOT-FOR-US: Tenda
CVE-2024-40897 (Stack-based buffer overflow vulnerability exists in orcparse.c of ORC ...)
- TODO: check
+ - orc 1:0.4.39-1
+ NOTE: Fixed by: https://gitlab.freedesktop.org/gstreamer/orc/-/commit/fb7db9ae3e8ac271651d1884a3611d30bac04a98 (0.4.39)
CVE-2024-3938 (The "reset password" login page accepted an HTML injection via URL par ...)
NOT-FOR-US: DotCMS
CVE-2024-38103 (Microsoft Edge (Chromium-based) Information Disclosure Vulnerability)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85d6fc545d5ba334033b4f5233f291af4d99b88f
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85d6fc545d5ba334033b4f5233f291af4d99b88f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240726/c8309ae7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list