[Git][security-tracker-team/security-tracker][master] two golang-github-containers-buildah issues fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Oct 17 04:26:46 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fd4b5864 by Moritz Mühlenhoff at 2024-10-16T15:27:33+02:00
two golang-github-containers-buildah issues fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1442,7 +1442,7 @@ CVE-2024-9680 (An attacker was able to achieve code execution in the content pro
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2024-52/
CVE-2024-9675 (A vulnerability was found in Buildah. Cache mounts do not properly val ...)
- - golang-github-containers-buildah <unfixed> (bug #1084980)
+ - golang-github-containers-buildah 1.37.4+ds1-1 (bug #1084980)
[bookworm] - golang-github-containers-buildah <no-dsa> (Minor issue)
[bullseye] - golang-github-containers-buildah <postponed> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2317458
@@ -3173,9 +3173,11 @@ CVE-2024-20385 (A vulnerability in the SSL/TLS implementation of Cisco Nexus Das
CVE-2024-20365 (A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Ma ...)
NOT-FOR-US: Cisco
CVE-2024-9407 (A vulnerability exists in the bind-propagation option of the Dockerfil ...)
- - golang-github-containers-buildah <unfixed> (bug #1084980)
+ - golang-github-containers-buildah 1.37.4+ds1-1 (bug #1084980)
[bookworm] - golang-github-containers-buildah <no-dsa> (Minor issue)
[bullseye] - golang-github-containers-buildah <postponed> (Minor issue)
+ NOTE: https://github.com/advisories/GHSA-fhqq-8f65-5xfc
+ NOTE: https://github.com/containers/buildah/commit/e4e2ad5ca2088d7c388109394135ead7aaf1f4f4
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2315887
CVE-2024-9333 (Permissions bypass in M-Files Connector for Copilot before version 24. ...)
NOT-FOR-US: M-Files
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd4b5864cc53464f21358ba731b61babde05eaf2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd4b5864cc53464f21358ba731b61babde05eaf2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241017/4bea6686/attachment.htm>
More information about the debian-security-tracker-commits
mailing list