[Git][security-tracker-team/security-tracker][master] Track fixes for symfony issues via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 8 10:29:24 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36a9b0eb by Salvatore Bonaccorso at 2024-11-08T11:28:57+01:00
Track fixes for symfony issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -493,7 +493,7 @@ CVE-2024-51736 (Symphony process is a module for the Symphony PHP framework whic
CVE-2024-51409 (Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote at ...)
NOT-FOR-US: Tenda
CVE-2024-50345 (symfony/http-foundation is a module for the Symphony PHP framework whi ...)
- - symfony <unfixed>
+ - symfony 6.4.14+dfsg-1
NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp
NOTE: Fixed by: https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819 (v5.4.46, v6.4.14, v7.1.7)
CVE-2024-50343 (symfony/validator is a module for the Symphony PHP framework which pro ...)
@@ -501,7 +501,7 @@ CVE-2024-50343 (symfony/validator is a module for the Symphony PHP framework whi
NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9
NOTE: Fixed by: https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f (v5.4.43, v6.4.11, v7.1.4)
CVE-2024-50342 (symfony/http-client is a module for the Symphony PHP framework which p ...)
- - symfony <unfixed>
+ - symfony 6.4.14+dfsg-1
NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm
NOTE: Fixed by; https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b (v5.4.46, v6.4.14, v7.1.7)
CVE-2024-50341 (symfony/security-bundle is a module for the Symphony PHP framework whi ...)
@@ -509,7 +509,7 @@ CVE-2024-50341 (symfony/security-bundle is a module for the Symphony PHP framewo
NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v
NOTE: Fixed by: https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105 (v6.4.10, v7.0.10, v7.1.3)
CVE-2024-50340 (symfony/runtime is a module for the Symphony PHP framework which enabl ...)
- - symfony <unfixed>
+ - symfony 6.4.14+dfsg-1
NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j
NOTE: Fixed by: https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa (v5.4.46, v6.4.14, v7.1.7)
CVE-2024-48325 (Portabilis i-Educar 2.8.0 is vulnerable to SQL Injection in the "getDo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36a9b0ebf23417bd178251bc6fa2a35f6cf2cc7f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36a9b0ebf23417bd178251bc6fa2a35f6cf2cc7f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241108/35ce7cf8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list