[Git][security-tracker-team/security-tracker][master] 2 commits: Update tag annotation as 1.24.5 was not released
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 19 20:07:30 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7ca80241 by Salvatore Bonaccorso at 2025-04-19T20:59:14+02:00
Update tag annotation as 1.24.5 was not released
- - - - -
6c51369e by Salvatore Bonaccorso at 2025-04-19T21:06:29+02:00
Update information for CVE-2025-32464
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3742,7 +3742,8 @@ CVE-2025-3442 (This vulnerability exists in TP-Link TapoH200 V1 IoT Smart Hub d
CVE-2025-3100 (The WP Project Manager \u2013 Task, team, and project management plugi ...)
NOT-FOR-US: WordPress plugin
CVE-2025-32464 (HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a s ...)
- - haproxy 3.1.7-1 (bug #1102673)
+ [experimental] - haproxy 3.1.7-1
+ - haproxy <unfixed> (bug #1102673)
NOTE: Introduced with: https://github.com/haproxy/haproxy/commit/07e1e3c93e74e44389545e457f0e1ff2e807cb9a (v2.2-dev3)
NOTE: Fixed by: https://github.com/haproxy/haproxy/commit/3e3b9eebf871510aee36c3a3336faac2f38c9559 (v3.2-dev10)
CVE-2025-32461 (wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in ...)
@@ -194990,7 +194991,7 @@ CVE-2023-0437 (When calling bson_utf8_validateon some inputs a loop with an exit
[buster] - mongo-c-driver <ignored> (Minor issue)
NOTE: https://jira.mongodb.org/browse/CDRIVER-4747
NOTE: Fixed by: https://github.com/mongodb/mongo-c-driver/commit/fd3a978b35cac8f3c78c4d9a1b08fd5aa4d440b8 (1.25.0)
- NOTE: Fixed by: https://github.com/mongodb/mongo-c-driver/commit/be865dd759a28aa268232766f304d1bc11f1e8f7 (1.24.5)
+ NOTE: Fixed by: https://github.com/mongodb/mongo-c-driver/commit/be865dd759a28aa268232766f304d1bc11f1e8f7 (r1.24 branch)
CVE-2023-0436 (The affected versions of MongoDB Atlas Kubernetes Operator may print s ...)
NOT-FOR-US: MongoDB Atlas Kubernetes Operator
CVE-2022-48282 (Under very specific circumstances (see Required configuration section ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fad790d2ca3888a05bc2311d6f8ef1a4804b086d...6c51369e2d8489d37816a3e57eab9fbafa38e1b1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fad790d2ca3888a05bc2311d6f8ef1a4804b086d...6c51369e2d8489d37816a3e57eab9fbafa38e1b1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250419/57efd744/attachment.htm>
More information about the debian-security-tracker-commits
mailing list