[Git][security-tracker-team/security-tracker][master] Reference fixes for 3.8.3 version upstream for new openrefine issues

Fri Oct 25 20:16:43 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc5c6c90 by Salvatore Bonaccorso at 2024-10-25T21:15:35+02:00
Reference fixes for 3.8.3 version upstream for new openrefine issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26,6 +26,7 @@ CVE-2024-49760 (OpenRefine is a free, open source tool for working with messy da
 	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-qfwq-6jh6-8xx4
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/24d084052dc55426fe460f2a17524fd18d28b20c
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/478285afffea59c893ac472faa74898ab9e5e95a (3.8.3)
 CVE-2024-49750 (The Snowflake Connector for Python provides an interface for developin ...)
 	NOT-FOR-US: Snowflake Connector for Python
 CVE-2024-49359 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
@@ -50,22 +51,27 @@ CVE-2024-47882 (OpenRefine is a free, open source tool for working with messy da
 	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-j8hp-f2mj-586g
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/85594e75e7b36025f7b6a67dcd3ec253c5dff8c2
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/b0d5dd0a6a40369593f4a6b593e3e0ffa213339e (3.8.3)
 CVE-2024-47881 (OpenRefine is a free, open source tool for working with messy data. St ...)
 	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-87cf-j763-vvh8
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/853a1d91662e7dc278a9a94a38be58de04494056
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/8a5cced755f9d4544cfc9fd1b9dc9274807b5020 (3.8.3)
 CVE-2024-47880 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
 	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-79jv-5226-783f
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/8060477fa53842ebabf43b63e039745932fa629d
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/fbf94fe3f001d6e2aa02e890930cf1affb0847b0 (3.8.3)
 CVE-2024-47879 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
 	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-3jm4-c6qf-jrh3
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/090924ca923489b6c94397cf1f5df7f7f78f0126
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/52c882a447d9efe8d3ef73b78468887c5da39790 (3.8.3)
 CVE-2024-47878 (OpenRefine is a free, open source tool for working with messy data. Pr ...)
 	- openrefine <unfixed> (bug #1086041)
 	NOTE: https://github.com/OpenRefine/OpenRefine/security/advisories/GHSA-pw3x-c5vp-mfc3
 	NOTE: https://github.com/OpenRefine/OpenRefine/commit/10bf0874d67f1018a58b3732332d76b840192fea
+	NOTE: https://github.com/OpenRefine/OpenRefine/commit/37b375478eca41b8948b104bf6790ebf659a88cb (3.8.3)
 CVE-2024-47801 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)
 	NOT-FOR-US: Sharp and Toshiba Tec MFPs
 CVE-2024-47549 (Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc5c6c9085d5d353cb385870ac38155d3a16307f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc5c6c9085d5d353cb385870ac38155d3a16307f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241025/6657745e/attachment-0001.htm>
