[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 3 09:26:23 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75ef2a52 by Salvatore Bonaccorso at 2024-06-03T10:25:40+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,15 +7,30 @@ CVE-2024-5311 (DigiWin EasyFlow .NET lacks validation for certain input paramete
 CVE-2024-37031 (The Active Admin (aka activeadmin) framework before 3.2.2 for Ruby on  ...)
 	TODO: check
 CVE-2024-36964 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
-	TODO: check
+	- linux 6.8.11-1
+	[bullseye] - linux 5.10.218-1
+	NOTE: https://git.kernel.org/linus/cd25e15e57e68a6b18dc9323047fe9c68b99290b (6.9-rc5)
 CVE-2024-36963 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
+	- linux 6.8.11-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/baa23a8d4360d981a49913841a726edede5cdd54 (6.9-rc7)
 CVE-2024-36962 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
-	TODO: check
+	- linux 6.8.11-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e0863634bf9f7cf36291ebb5bfa2d16632f79c49 (6.9)
 CVE-2024-36961 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
-	TODO: check
+	- linux 6.8.11-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	[buster] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c7f7c37271787a7f77d7eedc132b0b419a76b4c8 (6.9-rc7)
 CVE-2024-36960 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
-	TODO: check
+	- linux 6.8.11-1
+	[bullseye] - linux 5.10.218-1
+	NOTE: https://git.kernel.org/linus/a37ef7613c00f2d72c8fc08bd83fb6cc76926c8c (6.9-rc7)
 CVE-2024-36042 (Silverpeas before 6.3.5 allows authentication bypass by omitting the P ...)
 	TODO: check
 CVE-2024-35643 (Cross Site Scripting (XSS) vulnerability in Xabier Miranda WP Back But ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75ef2a52f9e55850c50803a77492f171c101c70e

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75ef2a52f9e55850c50803a77492f171c101c70e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240603/82176754/attachment.htm>

More information about the debian-security-tracker-commits mailing list