[Git][security-tracker-team/security-tracker][master] Replace some avahi references with moved namespace
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 28 20:00:15 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c1d6b9ca by Salvatore Bonaccorso at 2024-10-28T20:59:14+01:00
Replace some avahi references with moved namespace
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -96892,7 +96892,7 @@ CVE-2023-38469 (A vulnerability was found in Avahi, where a reachable assertion
[buster] - avahi <postponed> (Minor issue; can be mitigated by setting disable-user-service-publishing to yes)
NOTE: https://github.com/avahi/avahi/issues/455
NOTE: https://github.com/avahi/avahi/pull/500
- NOTE: Fixed by: https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf (v0.9-rc1)
+ NOTE: Fixed by: https://github.com/avahi/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf (v0.9-rc1)
NOTE: Tests: https://github.com/avahi/avahi/commit/c6cab87df290448a63323c8ca759baa516166237
NOTE: https://www.openwall.com/lists/oss-security/2023/10/06/4
CVE-2023-5402 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...)
@@ -119316,9 +119316,9 @@ CVE-2023-1981 (A vulnerability was found in the avahi library. This flaw allows
{DLA-3414-1}
- avahi 0.8-10 (bug #1034594)
[bullseye] - avahi <no-dsa> (Minor issue)
- NOTE: https://github.com/lathiat/avahi/issues/375
- NOTE: https://github.com/lathiat/avahi/pull/407
- NOTE: https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f
+ NOTE: https://github.com/avahi/avahi/issues/375
+ NOTE: https://github.com/avahi/avahi/pull/407
+ NOTE: https://github.com/avahi/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f
CVE-2023-1980 (Two factor authentication bypass on login in Devolutions Remote Des ...)
NOT-FOR-US: Devolutions
CVE-2023-1979 (The Web Stories for WordPress plugin supports the WordPress built-in f ...)
@@ -269031,9 +269031,9 @@ CVE-2021-3502 (A flaw was found in avahi 0.8-5. A reachable assertion is present
[bullseye] - avahi 0.8-5+deb11u1
[buster] - avahi <not-affected> (Vulnerable code introduced later)
[stretch] - avahi <not-affected> (Vulnerable code introduced later)
- NOTE: https://github.com/lathiat/avahi/issues/338
- NOTE: Fixed by: https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c
- NOTE: Introduced by: https://github.com/lathiat/avahi/commit/80c98fa16782e921f5b5d5c880f1d80f5c43bd49 (v0.8)
+ NOTE: https://github.com/avahi/avahi/issues/338
+ NOTE: Fixed by: https://github.com/avahi/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c
+ NOTE: Introduced by: https://github.com/avahi/avahi/commit/80c98fa16782e921f5b5d5c880f1d80f5c43bd49 (v0.8)
CVE-2021-3500 (A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in ...)
{DSA-5032-1 DLA-2667-1}
- djvulibre 3.5.28-2 (bug #988215)
@@ -274824,8 +274824,8 @@ CVE-2021-3468 (A flaw was found in avahi in versions 0.6 up to 0.8. The event us
{DLA-3466-1 DLA-3047-1}
- avahi 0.8-7 (bug #984938)
[bullseye] - avahi 0.8-5+deb11u2
- NOTE: https://github.com/lathiat/avahi/pull/330
- NOTE: https://github.com/lathiat/avahi/commit/447affe29991ee99c6b9732fc5f2c1048a611d3b
+ NOTE: https://github.com/avahi/avahi/pull/330
+ NOTE: https://github.com/avahi/avahi/commit/447affe29991ee99c6b9732fc5f2c1048a611d3b
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939614#c3
CVE-2021-29262 (When starting Apache Solr versions prior to 8.8.2, configured with the ...)
- lucene-solr <not-affected> (Vulnerable code not yet present)
@@ -524903,8 +524903,8 @@ CVE-2017-6520 (The Multicast DNS (mDNS) responder used in BOSE Soundtouch 30 ina
CVE-2017-6519 (avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to ...)
- avahi 0.7-5 (unimportant; bug #917047)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1426712
- NOTE: https://github.com/lathiat/avahi/issues/203
- NOTE: https://github.com/lathiat/avahi/commit/e111def44a7df4624a4aa3f85fe98054bffb6b4f
+ NOTE: https://github.com/avahi/avahi/issues/203
+ NOTE: https://github.com/avahi/avahi/commit/e111def44a7df4624a4aa3f85fe98054bffb6b4f
CVE-2017-6518 (Cross-site scripting (XSS) vulnerability in /sanadata/seo/index.asp in ...)
NOT-FOR-US: SanaCMS
CVE-2017-6517 (Microsoft Skype 7.16.0.102 contains a vulnerability that could allow a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1d6b9ca9ab41474e1d33ee31b66da3d0f8fe9d6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1d6b9ca9ab41474e1d33ee31b66da3d0f8fe9d6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241028/a9931de8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list