[Git][security-tracker-team/security-tracker][master] Clarify why fixed version for Debian is 6.12-1 for CVE-2024-45802
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 28 19:17:13 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
357cc7fa by Salvatore Bonaccorso at 2024-10-28T20:16:58+01:00
Clarify why fixed version for Debian is 6.12-1 for CVE-2024-45802
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2,6 +2,8 @@ CVE-2024-45802
- squid 6.12-1
NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj
NOTE: Not a code fix, this merely disables ESI by default (and thus in the Debian build)
+ NOTE: Upstream disabled ESI support in default builds already in 6.10 but Debian builds
+ NOTE: still contained --neable-esi until the 6.12-1 upload.
CVE-2024-9162 (The All-in-One WP Migration and Backup plugin for WordPress is vulnera ...)
NOT-FOR-US: WordPress plugin
CVE-2024-50624 (ispdbservice.cpp in KDE Kmail before 6.2.0 allows man-in-the-middle at ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/357cc7fa9595c7bb1e7d86e124ade655540a224a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/357cc7fa9595c7bb1e7d86e124ade655540a224a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241028/6ebdbc17/attachment.htm>
More information about the debian-security-tracker-commits
mailing list