[Git][security-tracker-team/security-tracker][master] Track fixed version for openssl issues fixed via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 4 05:50:00 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d56b3a09 by Salvatore Bonaccorso at 2024-09-04T06:47:13+02:00
Track fixed version for openssl issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -141,7 +141,7 @@ CVE-2024-45506
 	NOTE: http://git.haproxy.org/?p=haproxy-3.0.git;a=commit;h=c725db17e8416ffb3c1537aea756356228ce5e3c (v3.0.4)
 CVE-2024-6119 (Issue summary: Applications performing certificate name checks (e.g.,  ...)
 	{DSA-5764-1}
-	- openssl <unfixed>
+	- openssl 3.3.2-1
 	[bullseye] - openssl <not-affected> (Vulnerable code not present)
 	NOTE: https://openssl-library.org/news/secadv/20240903.txt
 	NOTE: https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 (openssl-3.0.15)
@@ -15808,7 +15808,7 @@ CVE-2024-37370 (In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modi
 	- krb5 1.21.3-1
 	NOTE: https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef (krb5-1.21.3-final)
 CVE-2024-5535 (Issue summary: Calling the OpenSSL API function SSL_select_next_proto  ...)
-	- openssl <unfixed> (bug #1074487)
+	- openssl 3.3.2-1 (bug #1074487)
 	[bookworm] - openssl <postponed> (Minor issue, fix along with next update round)
 	[bullseye] - openssl <postponed> (Minor issue, fix along with next update round)
 	NOTE: https://www.openssl.org/news/secadv/20240627.txt



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d56b3a094e3a8942a07928f67372c10cffb20bea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d56b3a094e3a8942a07928f67372c10cffb20bea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240904/b2f479bd/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list