[Git][security-tracker-team/security-tracker][master] CVE-2024-8775: Directly reference commits in upstream repository

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 2 07:21:50 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0dda12bb by Salvatore Bonaccorso at 2024-11-02T08:21:23+01:00
CVE-2024-8775: Directly reference commits in upstream repository

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12207,9 +12207,9 @@ CVE-2024-8775 (A flaw was found in Ansible, where sensitive information stored i
 	NOTE: ansible-core was split off from src:ansible with 4.6.0-1 in experimental/5.4.0-1 in sid
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2312119
 	NOTE: Ansible bug: https://github.com/ansible/ansible/pull/84179
-	NOTE: Ansible commit: https://github.com/ansible/ansible/pull/84179/commits/91fab0e279e85217d7ce544b077eb2e9f7938655 (2.18)
-	NOTE: Ansible commit: https://github.com/ansible/ansible/pull/84180/commits/9f1ff86c998bcbaadb450929a06bbc7823bc1e4f (2.17)
-	NOTE: Ansible commit: https://github.com/ansible/ansible/pull/84183/commits/98138bdb3e1fd3651fa57ed30054e2c3b9012ffe (2.14)
+	NOTE: Fixed by: https://github.com/ansible/ansible/commit/23f8639a4b01f6437f241d835efb68b8b7150575 (v2.18.0rc2)
+	NOTE: Fixed by: https://github.com/ansible/ansible/commit/4a654435470c88a5732af5d647d0014b2eea2557 (v2.17.6rc1)
+	NOTE: Fixed by: https://github.com/ansible/ansible/commit/62682c30298cc18c029438d524aee3376497fd7c (v2.14.18rc1)
 CVE-2024-8724 (The Waitlist Woocommerce ( Back in stock notifier ) plugin for WordPre ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8669 (The Backuply \u2013 Backup, Restore, Migrate and Clone plugin for Word ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dda12bb7e3881e983e22b561c38dd4c0696a73e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dda12bb7e3881e983e22b561c38dd4c0696a73e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241102/e384defc/attachment.htm>

More information about the debian-security-tracker-commits mailing list