[Git][security-tracker-team/security-tracker][master] new editorconfig-core issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d229164 by Moritz Muehlenhoff at 2024-11-27T11:19:10+01:00
new editorconfig-core issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,12 @@
 CVE-2024-5921 (An insufficient certification validation issue in the Palo Alto Networ ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2024-53849 (editorconfig-core-c  is  theEditorConfig core library written in C (fo ...)
-	TODO: check
+	- editorconfig-core 0.12.7-0.1
+	[bookworm] - editorconfig-core <no-dsa> (Minor issue)
+	NOTE: https://github.com/editorconfig/editorconfig-core-c/security/advisories/GHSA-475j-wc37-6274
+	NOTE: https://github.com/editorconfig/editorconfig-core-c/pull/103
+	NOTE: https://github.com/editorconfig/editorconfig-core-c/commit/4d5518a0a4e4910c37281ab13a048d0d86999782 (v0.12.7)
+	NOTE: https://github.com/editorconfig/editorconfig-core-c/commit/fca7cf19e0fb800c2d38f173c1f69ad40bf2a2f5 (v0.12.7)
 CVE-2024-53676 (A directory traversal vulnerability in Hewlett Packard Enterprise Insi ...)
 	NOT-FOR-US: Hewlett Packard Enterprise
 CVE-2024-53675 (An XML external entity injection (XXE) vulnerability in HPE Insight Re ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2291647f8009aa881b602abb72d152d73629db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2291647f8009aa881b602abb72d152d73629db
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241127/7bc67464/attachment-0001.htm>