[Git][security-tracker-team/security-tracker][master] 2 commits: add commits to fix CVE-2024-23944

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sun Mar 24 17:41:52 GMT 2024 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cde2e16d by Thorsten Alteholz at 2024-03-24T18:40:46+01:00
add commits to fix CVE-2024-23944

- - - - -
f8ad0fa1 by Thorsten Alteholz at 2024-03-24T18:41:35+01:00
add zookeeper

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2198,6 +2198,8 @@ CVE-2024-28752 (A SSRF vulnerability using the Aegis DataBinding in versions of
 CVE-2024-23944 (Information disclosure in persistent watchers handling in Apache ZooKe ...)
 	- zookeeper <unfixed> (bug #1066947)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/03/14/2
+	NOTE: fixed by: https://github.com/apache/zookeeper/commit/65b91d2d9a56157285c2a86b106e67c26520b01d (v3.8.x)
+	NOTE: fixed by: https://github.com/apache/zookeeper/commit/daf7cfd04005cff1a4f7cab5ab13d41db88d0cd8 (v3.9.x)
 CVE-2024-1930
 	NOT-FOR-US: dnf5daemon-server
 CVE-2024-1929


=====================================
data/dla-needed.txt
=====================================
@@ -313,3 +313,6 @@ wordpress
 zabbix (utkarsh)
   NOTE: 20240212: Added by Front-Desk (utkarsh)
 --
+zookeeper
+  NOTE: 20240324: Added by Front-Desk (ta)
+--



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4734816754d286e8198e442b3e182bdfd2047a14...f8ad0fa1faaeb144ce9d02cf39543698cddf73f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4734816754d286e8198e442b3e182bdfd2047a14...f8ad0fa1faaeb144ce9d02cf39543698cddf73f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240324/378801bb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list