[Git][security-tracker-team/security-tracker][master] mark two modbus CVEs as non issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Oct 29 14:21:55 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
17e4c747 by Moritz Muehlenhoff at 2024-10-29T15:21:28+01:00
mark two modbus CVEs as non issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46449,11 +46449,8 @@ CVE-2024-34257 (TOTOLINK EX1800T V9.1.0cu.2112_B20220316 has a vulnerability in
CVE-2024-34255 (jizhicms v2.5.1 contains a Cross-Site Scripting(XSS) vulnerability in ...)
NOT-FOR-US: jizhicms
CVE-2024-34244 (libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_writ ...)
- - libmodbus <unfixed> (bug #1071633)
- [bookworm] - libmodbus <no-dsa> (Minor issue)
- [bullseye] - libmodbus <no-dsa> (Minor issue)
- [buster] - libmodbus <postponed> (Minor issue; out-of-bounds read, DoS)
- NOTE: https://github.com/stephane/libmodbus/issues/743
+ NOTE: Bogus assignment for libmodbus, was also filed as #1071633
+ NOTE: https://github.com/stephane/libmodbus/issues/743#issuecomment-2222214256
CVE-2024-33612 (An improper certificate validation vulnerability exists in BIG-IP Next ...)
NOT-FOR-US: F5 BIG-IP
CVE-2024-33608 (When IPsec is configured on a virtual server, undisclosed traffic can ...)
@@ -130998,11 +130995,8 @@ CVE-2023-26795
CVE-2023-26794
RESERVED
CVE-2023-26793 (libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in re ...)
- - libmodbus <unfixed> (bug #1074418)
- [bookworm] - libmodbus <no-dsa> (Minor issue)
- [bullseye] - libmodbus <no-dsa> (Minor issue)
- [buster] - libmodbus <postponed> (Minor issue, no patch)
- NOTE: https://github.com/stephane/libmodbus/issues/683
+ NOTE: Bogus assignment for libmodbus, was also filed as #1074418. Just a bug in a test case
+ NOTE: https://github.com/stephane/libmodbus/issues/683#issuecomment-2291215593
CVE-2023-26792
RESERVED
CVE-2023-26791
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17e4c747f7cb78c5d462e9e501854668bc775be8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17e4c747f7cb78c5d462e9e501854668bc775be8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241029/36680e0f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list