[Git][security-tracker-team/security-tracker][master] Add Debian bug references for python-aiohttp issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 23 13:17:18 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0769852 by Salvatore Bonaccorso at 2024-11-23T14:16:50+01:00
Add Debian bug references for python-aiohttp issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2129,7 +2129,7 @@ CVE-2024-52340 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2024-52339 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-52304 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
-	- python-aiohttp <unfixed>
+	- python-aiohttp <unfixed> (bug #1088109)
 	NOTE: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8495-4g3g-x7pr
 	NOTE: https://github.com/aio-libs/aiohttp/commit/259edc369075de63e6f3a4eaade058c62af0df71 (v3.10.11)
 CVE-2024-51940 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -2397,7 +2397,7 @@ CVE-2024-52316 (Unchecked Error Condition vulnerability in Apache Tomcat. If Tom
 	NOTE: https://github.com/apache/tomcat/commit/7532f9dc4a8c37ec958f79dc82c4924a6c539223 (9.0.96)
 	NOTE: Starting with 9.0.70-2 src:tomcat9 no longer ships the server stack, using that as the fixed version
 CVE-2024-52303 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
-	- python-aiohttp <unfixed>
+	- python-aiohttp <unfixed> (bug #1088108)
 	[bookworm] - python-aiohttp <not-affected> (Vulnerable code not present)
 	[bullseye] - python-aiohttp <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-27mf-ghqm-j3j8



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a076985287c5c49b82694de96bc9282e9204a2cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a076985287c5c49b82694de96bc9282e9204a2cc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241123/4ba7a38d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list