[Git][security-tracker-team/security-tracker][master] Track fixes for cacti via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 16 23:20:10 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0982e52 by Salvatore Bonaccorso at 2024-05-17T00:19:05+02:00
Track fixes for cacti via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1319,7 +1319,7 @@ CVE-2024-34411 (Unrestricted Upload of File with Dangerous Type vulnerability in
 CVE-2024-34353 (The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is a ...)
 	TODO: check
 CVE-2024-34340 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m
 CVE-2024-34231 (A cross-site scripting (XSS) vulnerability in Sourcecodester Laborator ...)
 	NOT-FOR-US: Sourcecodester Laboratory Management System
@@ -1356,24 +1356,24 @@ CVE-2024-31810 (TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain
 CVE-2024-31771 (Insecure Permission vulnerability in TotalAV v.6.0.740 allows a local  ...)
 	NOT-FOR-US: TotalAV
 CVE-2024-31460 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r
 CVE-2024-31459 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-cx8g-hvq8-p2rv
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-gj3f-p326-gh8r
 CVE-2024-31458 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-jrxg-8wh8-943x
 CVE-2024-31445 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-vjph-r677-6pcc
 	NOTE: https://github.com/Cacti/cacti/commit/fd93c6e47651958b77c3bbe6a01fff695f81e886
 CVE-2024-31444 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-p4ch-7hjw-6m87
 CVE-2024-31443 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3
 	NOTE: https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cf
 CVE-2024-31377 (Unrestricted Upload of File with Dangerous Type vulnerability in J.N.  ...)
@@ -1397,7 +1397,7 @@ CVE-2024-29895 (Cacti provides an operational monitoring and fault management fr
 	NOTE: But fix reverted again: https://github.com/Cacti/cacti/commit/99633903cad0de5ace636249de16f77e57a3c8fc
 	TODO: check, might affect only 1.3.x
 CVE-2024-29894 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-grj5-8fcj-34gh
 	NOTE: Fixed by: https://github.com/Cacti/cacti/commit/9c75f8da5b609d17c8c031fd46362f730358b792 (1.2.27)
 	NOTE: Follow-up fix: https://github.com/Cacti/cacti/pull/5751
@@ -1415,7 +1415,7 @@ CVE-2024-28277 (In Sourcecodester School Task Manager v1.0, a vulnerability was
 CVE-2024-28276 (Sourcecodester School Task Manager 1.0 is vulnerable to Cross Site Scr ...)
 	NOT-FOR-US: Sourcecodester School Task Manager
 CVE-2024-27082 (Cacti provides an operational monitoring and fault management framewor ...)
-	- cacti <unfixed>
+	- cacti 1.2.27+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-j868-7vjp-rp9h
 CVE-2024-25662 (Oxygen XML Web Author v26.0.0 and older and Oxygen Content Fusion v6.1 ...)
 	TODO: check



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0982e5230045d3ff15f1743d56ffc95ab0b798d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a0982e5230045d3ff15f1743d56ffc95ab0b798d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240516/62cbab47/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list