[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2024-23449

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 29 22:23:16 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2e46335 by Salvatore Bonaccorso at 2024-03-29T23:20:50+01:00
Add CVE-2024-23449

- - - - -
eaffebfe by Salvatore Bonaccorso at 2024-03-29T23:20:52+01:00
Add two more mesa issues (unimportant)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -291,7 +291,7 @@ CVE-2024-23538 (Improper Neutralization of Special Elements used in an SQL Comma
 CVE-2024-23537 (Improper Privilege Management vulnerability in Apache Fineract.This is ...)
 	NOT-FOR-US: Apache Fineract
 CVE-2024-23449 (An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs wh ...)
-	TODO: check
+	- elasticsearch <removed>
 CVE-2024-1872 (The Button plugin for WordPress is vulnerable to PHP Object Injection  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-1858 (The Lightbox slider \u2013 Responsive Lightbox Gallery plugin for Word ...)
@@ -1294,9 +1294,13 @@ CVE-2023-45922 (glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segment
 CVE-2023-45920 (Xfig v3.2.8 was discovered to contain a NULL pointer dereference when  ...)
 	TODO: check
 CVE-2023-45919 (Mesa 23.0.4 was discovered to contain a buffer over-read in glXQuerySe ...)
-	TODO: check
+	- mesa <unfixed> (unimportant)
+	NOTE: https://gitlab.freedesktop.org/mesa/mesa/-/issues/9858
+	NOTE: Negligible (and disputed) security impact
 CVE-2023-45913 (Mesa v23.0.4 was discovered to contain a NULL pointer dereference via  ...)
-	TODO: check
+	- mesa <unfixed> (unimportant)
+	NOTE: https://gitlab.freedesktop.org/mesa/mesa/-/issues/9856
+	NOTE: Negligible (and disputed) security impact
 CVE-2023-43768 (An issue was discovered in Couchbase Server 6.6.x through 7.2.0, befor ...)
 	NOT-FOR-US: Couchbase Server
 CVE-2023-40290 (An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/acba346ed18709fdbdadc105a41c26053c93f61e...eaffebfee703153776459bc5da9beb89f55b084f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/acba346ed18709fdbdadc105a41c26053c93f61e...eaffebfee703153776459bc5da9beb89f55b084f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240329/6a7a6e79/attachment.htm>

More information about the debian-security-tracker-commits mailing list