[Git][security-tracker-team/security-tracker][master] Add CVE-2024-52804/python-tornado
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 22 20:44:16 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
82a14387 by Salvatore Bonaccorso at 2024-11-22T21:43:52+01:00
Add CVE-2024-52804/python-tornado
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,9 @@ CVE-2024-52998 (Substance3D - Stager versions 3.0.2 and earlier are affected by
CVE-2024-52814 (Argo Helm is a collection of community maintained charts for `argoproj ...)
NOT-FOR-US: Argo Helm
CVE-2024-52804 (Tornado is a Python web framework and asynchronous networking library. ...)
- TODO: check
+ - python-tornado <unfixed>
+ NOTE: https://github.com/tornadoweb/tornado/security/advisories/GHSA-8w49-h785-mj3c
+ NOTE: Fixed by: https://github.com/tornadoweb/tornado/commit/d5ba4a1695fbf7c6a3e54313262639b198291533 (v6.4.2)
CVE-2024-52802 (RIOT is an operating system for internet of things (IoT) devices. In v ...)
NOT-FOR-US: RIOT
CVE-2024-52793 (The Deno Standard Library provides APIs for Deno and the Web. Prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82a1438712a9527d146dc094e061ab79868fccd9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82a1438712a9527d146dc094e061ab79868fccd9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241122/60a194f8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list