[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-47875

Sat Oct 19 14:33:21 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6449f5ff by Salvatore Bonaccorso at 2024-10-19T15:32:52+02:00
Update information for CVE-2024-47875

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1676,8 +1676,11 @@ CVE-2024-47875 (DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer
 	{DSA-5790-1}
 	- node-dompurify <unfixed> (bug #1084983)
 	NOTE: https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf
-	NOTE: https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f
-	NOTE: https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a
+	NOTE: https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f (2.5.1)
+	NOTE: https://github.com/cure53/DOMPurify/pull/943
+	NOTE: https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a (3.1.1)
+	NOTE: When fixing the issue be aware that the fixing commit would introduce CVE-2024-45801
+	NOTE: when only cherry-picking commits.
 CVE-2024-47830 (Plane is an open-source project management tool. Plane uses the ** wil ...)
 	NOT-FOR-US: Plane
 CVE-2024-47509 (An Allocation of Resources Without Limits or Throttlingvulnerability i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6449f5ff5ccee2a6561e204b97564a2ee5a9951a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6449f5ff5ccee2a6561e204b97564a2ee5a9951a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241019/5f65eb05/attachment.htm>
