[Git][security-tracker-team/security-tracker][master] some updates on older issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Oct 26 22:56:07 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd8b7ef3 by Moritz Muehlenhoff at 2024-10-26T23:55:37+02:00
some updates on older issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -74132,21 +74132,17 @@ CVE-2024-24262 (media-server v1.0.0 was discovered to contain a Use-After-Free (
CVE-2024-24260 (media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) v ...)
NOT-FOR-US: media-server
CVE-2024-24259 (freeglut through 3.4.0 was discovered to contain a memory leak via the ...)
- - freeglut <unfixed> (bug #1063801)
- [bookworm] - freeglut <no-dsa> (Minor issue)
- [bullseye] - freeglut <no-dsa> (Minor issue)
- [buster] - freeglut <no-dsa> (Minor issue)
+ - freeglut <unfixed> (bug #1063801; unimportant)
NOTE: https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md
NOTE: https://github.com/freeglut/freeglut/pull/155
NOTE: Fixed by: https://github.com/freeglut/freeglut/commit/9ad320c1ad1a25558998ddfe47674511567fec57
+ NOTE: Negligible security impact
CVE-2024-24258 (freeglut 3.4.0 was discovered to contain a memory leak via the menuEnt ...)
- - freeglut <unfixed> (bug #1063801)
- [bookworm] - freeglut <no-dsa> (Minor issue)
- [bullseye] - freeglut <no-dsa> (Minor issue)
- [buster] - freeglut <no-dsa> (Minor issue)
+ - freeglut <unfixed> (bug #1063801; unimportant)
NOTE: https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md
NOTE: https://github.com/freeglut/freeglut/pull/155
NOTE: Fixed by: https://github.com/freeglut/freeglut/commit/9ad320c1ad1a25558998ddfe47674511567fec57
+ NOTE: Negligible security impact
CVE-2024-23109 (An improper neutralization of special elements used in an os command ( ...)
NOT-FOR-US: FortiGuard
CVE-2024-23108 (An improper neutralization of special elements used in an os command ( ...)
@@ -99563,7 +99559,7 @@ CVE-2023-3025 (The Dropbox Folder Share plugin for WordPress is vulnerable to Se
NOT-FOR-US: Dropbox Folder Share plugin for WordPress
CVE-2023-43091 [Code injection via service.json file]
- gnome-maps 45~rc-1
- [bookworm] - gnome-maps <no-dsa> (Minor issue)
+ [bookworm] - gnome-maps <ignored> (Minor issue, mostly hardening since service.json served from fixed/trusted source)
[bullseye] - gnome-maps <not-affected> (Vulnerable code not present)
[buster] - gnome-maps <not-affected> (Vulnerable code not present)
NOTE: https://gitlab.gnome.org/GNOME/gnome-maps/-/issues/588
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd8b7ef3039056a1829c79f3fbbc1619474396f1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd8b7ef3039056a1829c79f3fbbc1619474396f1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/377bf936/attachment.htm>
More information about the debian-security-tracker-commits
mailing list