[Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2024-45614/puma
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 20 15:21:24 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8c8c603b by Salvatore Bonaccorso at 2024-09-20T16:20:15+02:00
Add upstream commit for CVE-2024-45614/puma
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -87,6 +87,7 @@ CVE-2024-45752 (logiops through 0.3.4, in its default configuration, allows any
CVE-2024-45614 (Puma is a Ruby/Rack web server built for parallelism. In affected vers ...)
- puma <unfixed>
NOTE: https://github.com/puma/puma/security/advisories/GHSA-9hf4-67fc-4vf4
+ NOTE: Fixed by: https://github.com/puma/puma/commit/cac3fd18cf29ed43719ff5d52d9cfec215f0a043 (v6.4.3)
CVE-2024-43496 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-43489 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c8c603b31a58e28b52154caf5dc2d498a2c5098
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c8c603b31a58e28b52154caf5dc2d498a2c5098
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240920/c17e414d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list