[Git][security-tracker-team/security-tracker][master] one more CVE assigned for July Chromium update

Sat Oct 12 10:12:22 BST 2024


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
42707b6e by Moritz Muehlenhoff at 2024-10-12T11:11:52+02:00
one more CVE assigned for July Chromium update

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32,7 +32,6 @@ CVE-2024-48937 (Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 a
 	- znuny 6.5.11-1
 	[bookworm] - znuny <no-dsa> (Non-free not supported)
 	NOTE: https://www.znuny.org/en/advisories/zsa-2024-05
-	TODO: check
 CVE-2024-48788 (An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote att ...)
 	NOT-FOR-US: YESCAM
 CVE-2024-48772 (An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote att ...)
@@ -50,7 +49,10 @@ CVE-2024-35517 (Netgear XR1000 v1.0.0.64 is vulnerable to command injection in u
 CVE-2024-9869
 	REJECTED
 CVE-2024-9859 (Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 ...)
-	TODO: check
+	{DSA-5720-1}
+	- chromium 126.0.6478.126-1
+	[bullseye] - chromium <end-of-life> (see #1061268)
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2024-9856 (A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. I ...)
 	NOT-FOR-US: 07FLYCMS
 CVE-2024-9855 (A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. I ...)


=====================================
data/DSA/list
=====================================
@@ -223,7 +223,7 @@
 	{CVE-2022-48434 CVE-2023-50010 CVE-2023-51793 CVE-2023-51794 CVE-2023-51798 CVE-2024-32230}
 	[bullseye] - ffmpeg 7:4.3.7-0+deb11u1
 [25 Jun 2024] DSA-5720-1 chromium - security update
-	{CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293}
+	{CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293 CVE-2024-9859}
 	[bookworm] - chromium 126.0.6478.126-1~deb12u1
 [25 Jun 2024] DSA-5719-1 emacs - security update
 	{CVE-2024-39331}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42707b6ec2b3b956e03b2b1e15309df0d0f1721b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42707b6ec2b3b956e03b2b1e15309df0d0f1721b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241012/eb7b89e3/attachment.htm>
