[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-34580/xml-security-c

Fri Jun 28 20:51:59 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
15c50020 by Salvatore Bonaccorso at 2024-06-28T21:51:12+02:00
Add Debian bug reference for CVE-2024-34580/xml-security-c

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -522,7 +522,7 @@ CVE-2024-35526 (An issue in Daemon PTY Limited FarCry Core framework before 7.2.
 CVE-2024-34581 (The W3C XML Signature Syntax and Processing (XMLDsig) specification, s ...)
 	NOT-FOR-US: W3C XML Signature Syntax and Processing (XMLDsig) specification
 CVE-2024-34580 (Apache XML Security for C++ through 2.0.4 implements the XML Signature ...)
-	- xml-security-c <unfixed>
+	- xml-security-c <unfixed> (bug #1074429)
 	NOTE: https://cloud.google.com/blog/topics/threat-intelligence/apache-library-allows-server-side-request-forgery
 	NOTE: https://www.sonatype.com/blog/the-exploited-ivanti-connect-ssrf-vulnerability-stems-from-xmltooling-oss-library
 	NOTE: https://github.com/zmanion/Vulnerabilities/blob/main/CVE-2024-21893.md



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15c500204eb178c7e0185c4341488ca2582dbb53

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15c500204eb178c7e0185c4341488ca2582dbb53
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240628/f7524b3a/attachment.htm>
