[Git][security-tracker-team/security-tracker][master] CVE-2024-2798[23]/nodejs: Reference fixing commits.

Sat May 4 19:50:54 BST 2024


Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48b538fd by Guilhem Moulin at 2024-05-04T20:49:26+02:00
CVE-2024-2798[23]/nodejs: Reference fixing commits.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11513,9 +11513,11 @@ CVE-2024-31080 (A heap-based buffer over-read vulnerability was found in the X.o
 CVE-2024-27983 (An attacker can make the Node.js HTTP/2 server completely unavailable  ...)
 	- nodejs 18.20.1+dfsg-1 (bug #1068347)
 	NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/
+	NOTE: Fixed by: https://github.com/nodejs/node/commit/0fb816dbccde955cd24acc1b16497a91fab507c8 (v18.20.1)
 CVE-2024-27982
 	- nodejs 18.20.1+dfsg-1 (bug #1068347)
 	NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/
+	NOTE: Fixed by: https://github.com/nodejs/node/commit/5d4d5848cf557fba6dc0bfdd020471ea607950ca (v18.20.1)
 CVE-2024-3248 (In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads ...)
 	- xpdf <not-affected> (Debian uses poppler, which is not affected)
 CVE-2024-3247 (In Xpdf 4.05 (and earlier), a PDF object loop in an object stream lead ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b538fd2b92a81cd31c803019ff1ebe652c0ec5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b538fd2b92a81cd31c803019ff1ebe652c0ec5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240504/2be40c9a/attachment.htm>
