[Git][security-tracker-team/security-tracker][master] NFUs / xz-utils n/a

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Oct 3 19:45:33 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b5587a2 by Moritz Muehlenhoff at 2024-10-03T20:45:17+02:00
NFUs / xz-utils n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2024-8352 (The Social Web Suite \u2013 Social Media Auto Post, Social Media
 CVE-2024-8159 (Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulne ...)
 	NOT-FOR-US: Deep Freeze
 CVE-2024-47616 (Pomerium is an identity and context-aware access proxy. The Pomerium d ...)
-	TODO: check
+	NOT-FOR-US: Pomerium
 CVE-2024-47136 (Out-of-bounds read vulnerability exists in Kostac PLC Programming Soft ...)
 	NOT-FOR-US: Kostac PLC Programming Software
 CVE-2024-47135 (Stack-based buffer overflow vulnerability exists in Kostac PLC Program ...)
@@ -24,7 +24,7 @@ CVE-2024-24117 (Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS
 CVE-2024-9441 (The Linear eMerge e3-Series through version 1.00-07 is vulnerable to a ...)
 	NOT-FOR-US: Linear eMerge e3-Series
 CVE-2024-9440 (Slim Select 2.0 versions through 2.9.0 are affected by a potential cro ...)
-	TODO: check
+	NOT-FOR-US: Node slim-select
 CVE-2024-9429 (A vulnerability has been found in code-projects Restaurant Reservation ...)
 	NOT-FOR-US: code-projects Restaurant Reservation System
 CVE-2024-9423 (Certain HP LaserJet printers may potentially experience a denial of se ...)
@@ -52,19 +52,19 @@ CVE-2024-7558 (JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju
 CVE-2024-6360 (Incorrect Permission Assignment for Critical Resource vulnerability in ...)
 	NOT-FOR-US: OpenText
 CVE-2024-47807 (Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2024-47806 (Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2024-47805 (Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 13 ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2024-47804 (If an attempt is made to create an item of a type prohibited by `ACL#h ...)
-	TODO: check
+	- jenkins <removed>
 CVE-2024-47803 (Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact mul ...)
-	TODO: check
+	- jenkins <removed>
 CVE-2024-47612 (DataDump is a MediaWiki extension that provides dumps of wikis. Severa ...)
-	TODO: check
+	NOT-FOR-US: DataDump MediaWiki extension
 CVE-2024-47611 (XZ Utils provide a general-purpose data-compression library plus comma ...)
-	TODO: check
+	- xz-utils <not-affected> (Only affects Windows builds)
 CVE-2024-47529 (OpenC3 COSMOS provides the functionality needed to send commands to an ...)
 	NOT-FOR-US: OpenC3 COSMOS
 CVE-2024-46977 (OpenC3 COSMOS provides the functionality needed to send commands to an ...)
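
Review bot: the entries for CVE-2024-47804 and CVE-2024-47803 are set to `- jenkins <removed>`, which is neither an NFU nor the xz-utils n/a named in the commit subject "NFUs / xz-utils n/a"; mentioning the jenkins triage in the message would make this change findable from the log. On CVE-2024-47611, the `<not-affected>` reason "Only affects Windows builds" is given without a source, so a reference to the upstream advisory alongside it would let a later reader verify the reasoning.
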
@@ -80,9 +80,9 @@ CVE-2024-45962 (October 3.6.30 allows an authenticated admin account to upload a
 CVE-2024-45960 (Zenario 9.7.61188 allows authenticated admin users to upload PDF files ...)
 	NOT-FOR-US: Zenario
 CVE-2024-44193 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44097 (According to the researcher: "The TLS connections are encrypted agains ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-44030 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-44017 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
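
Review bot: the labels on CVE-2024-44193 (`NOT-FOR-US: Apple`) and CVE-2024-44097 (`NOT-FOR-US: Android`) name a vendor and a platform, while the Zenario entry in the same hunk names the product. The truncated descriptions ("A logic issue was addressed ...", "According to the researcher: ...") do not identify the affected component either, so naming the specific product in each label would make these entries checkable on their own.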



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b5587a29eefec9e776c3f8b50e61bcc6860504f
