[Git][security-tracker-team/security-tracker][master] Add references for needrestart and libmodule-scandeps-perl issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Nov 19 19:37:58 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af13e283 by Salvatore Bonaccorso at 2024-11-19T20:37:09+01:00
Add references for needrestart and libmodule-scandeps-perl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,18 +1,26 @@
 CVE-2024-48990
 	- needrestart 3.7-3.1
 	NOTE: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
+	NOTE: Fixed by: https://github.com/liske/needrestart/commit/fcc9a4401392231bef4ef5ed026a0d7a275149ab (v3.8)
 CVE-2024-48992
 	- needrestart 3.7-3.1
 	NOTE: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
+	NOTE: Fixed by; https://github.com/liske/needrestart/commit/b5f25f6ec6e7dd0c5be249e4e45de4ee9ffe594f (v3.8)
 CVE-2024-48991
 	- needrestart 3.7-3.1
 	NOTE: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
+	NOTE: Fixed by: https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59 (v3.8)
 CVE-2024-11003
 	- needrestart 3.7-3.1
 	NOTE: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
+	NOTE: Fixed by: https://github.com/liske/needrestart/commit/0f80a348883f72279a859ee655f58da34babefb0 (v3.8)
 CVE-2024-10224
 	- libmodule-scandeps-perl 1.35-2
 	NOTE: https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
+	NOTE: https://github.com/rschupp/Module-ScanDeps/security/advisories/GHSA-g597-359q-v529
+	NOTE: Fixed by: https://github.com/rschupp/Module-ScanDeps/commit/30d43e2df13cfca74833b3aa8a641679427c5cd8
+	NOTE: Fixed by: https://github.com/rschupp/Module-ScanDeps/commit/e1f2e14c5bee4d78c94b0cddf120e81af104f6dd
+	NOTE: Functional followup fix: https://github.com/rschupp/Module-ScanDeps/commit/49468814a24221affe113664899be21aef60e846
 CVE-2024-8403 (Improper Validation of Specified Type of Input vulnerability in Mitsub ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2024-52587 (StepSecurity's Harden-Runner provides network egress filtering and run ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af13e28359a545f4d3b02b0c4017ec1d18cc850f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af13e28359a545f4d3b02b0c4017ec1d18cc850f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241119/c404c580/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list