[Git][security-tracker-team/security-tracker][master] CVE-2024-4741: Refer to commits from advisory

Tue May 28 19:46:06 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cdaa268e by Salvatore Bonaccorso at 2024-05-28T20:45:27+02:00
CVE-2024-4741: Refer to commits from advisory

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,8 +4,8 @@ CVE-2024-4741 [Use After Free with SSL_free_buffers]
 	[bullseye] - openssl <postponed> (Minor issue, fix along with next update round)
 	NOTE: https://www.openssl.org/news/secadv/20240528.txt
 	NOTE: https://github.com/openssl/openssl/commit/c1bd38a003fa19fd0d8ade85e1bbc20d8ae59dab (master)
-	NOTE: https://github.com/openssl/openssl/commit/d095674320c84b8ed1250715b1dd5ce05f9f267b (openssl-3.2)
-	NOTE: https://github.com/openssl/openssl/commit/d095674320c84b8ed1250715b1dd5ce05f9f267b (openssl-3.0)
+	NOTE: https://github.com/openssl/openssl/commit/c88c3de51020c37e8706bf7a682a162593053aac (openssl-3.2)
+	NOTE: https://github.com/openssl/openssl/commit/b3f0eb0a295f58f16ba43ba99dad70d4ee5c437d (openssl-3.0)
 CVE-2024-36428 (OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection.)
 	NOT-FOR-US: OrangeHRM
 CVE-2024-36426 (In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdaa268e18bcccc2a86bd57bff28fb5578bccd16

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdaa268e18bcccc2a86bd57bff28fb5578bccd16
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240528/6a5d1697/attachment.htm>
