[Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2024-424{58,59,60}/node-elliptic
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Oct 13 17:24:23 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
98b5da45 by Salvatore Bonaccorso at 2024-10-13T18:23:38+02:00
Reference upstream commits for CVE-2024-424{58,59,60}/node-elliptic
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15680,16 +15680,19 @@ CVE-2024-42461 (In the Elliptic package 6.5.6 for Node.js, ECDSA signature malle
[bookworm] - node-elliptic <no-dsa> (Minor issue)
[bullseye] - node-elliptic <no-dsa> (Minor issue)
NOTE: https://github.com/indutny/elliptic/pull/317
+ NOTE: https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11 (v6.5.7)
CVE-2024-42460 (In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleabilit ...)
- node-elliptic 6.5.7+dfsg-1 (bug #1077821)
[bookworm] - node-elliptic <no-dsa> (Minor issue)
[bullseye] - node-elliptic <no-dsa> (Minor issue)
NOTE: https://github.com/indutny/elliptic/pull/317
+ NOTE: https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11 (v6.5.7)
CVE-2024-42459 (In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleabilit ...)
- node-elliptic 6.5.7+dfsg-1 (bug #1077821)
[bookworm] - node-elliptic <no-dsa> (Minor issue)
[bullseye] - node-elliptic <no-dsa> (Minor issue)
NOTE: https://github.com/indutny/elliptic/pull/317
+ NOTE: https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11 (v6.5.7)
CVE-2024-42458 (server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly vali ...)
- neatvnc 0.8.0+dfsg-2 (bug #1077822)
[bookworm] - neatvnc <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98b5da453dd22d0ee9d629f3418edb6ace8f84e4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98b5da453dd22d0ee9d629f3418edb6ace8f84e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241013/16cb9238/attachment.htm>
More information about the debian-security-tracker-commits
mailing list