[Git][security-tracker-team/security-tracker][master] CVE-2024-9026/php7.4: reference introductory commit
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Tue Oct 1 16:08:55 BST 2024
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6e707abb by Sylvain Beucler at 2024-10-01T17:08:10+02:00
CVE-2024-9026/php7.4: reference introductory commit
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27088,6 +27088,7 @@ CVE-2024-9026 [Logs from childrens may be altered]
NOTE: Fixed in 8.3.12, 8.2.24
NOTE: https://github.com/php/php-src/security/advisories/GHSA-865w-9rf3-2wh5
NOTE: https://github.com/php/php-src/commit/1f8e16172c7961045c2b0f34ba7613e3f21cdee8 (PHP-8.2.24)
+ NOTE: Introduced by: https://github.com/php/php-src/commit/0bc6a66a7a0624e63edcd2499f91b227cdb77f47 (php-7.4.4RC1)
CVE-2024-8927 [cgi.force_redirect configuration is byppassible due to the environment variable collision]
- php8.2 8.2.24-1
- php7.4 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e707abbbec3d29b8dd15e60fc785a6941f066b5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e707abbbec3d29b8dd15e60fc785a6941f066b5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241001/1c51a3fd/attachment.htm>
More information about the debian-security-tracker-commits
mailing list