[Git][security-tracker-team/security-tracker][master] Correct tracking of unstable version fix for CVE-2024-26462
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Feb 23 19:36:39 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
51124277 by Salvatore Bonaccorso at 2025-02-23T20:36:01+01:00
Correct tracking of unstable version fix for CVE-2024-26462
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -104166,14 +104166,14 @@ CVE-2024-26466 (A DOM based cross-site scripting (XSS) vulnerability in the comp
CVE-2024-26465 (A DOM based cross-site scripting (XSS) vulnerability in the component ...)
NOT-FOR-US: beep.js
CVE-2024-26462 (Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ...)
- - krb5 1.21.3 (bug #1064965)
+ - krb5 1.21.3-1 (bug #1064965)
[bookworm] - krb5 <no-dsa> (Minor issue)
[bullseye] - krb5 <not-affected> (Vulnerable code introduced later)
[buster] - krb5 <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_3.md
NOTE: Introduced by: https://github.com/krb5/krb5/commit/c85894cfb784257a6acb4d77d8c75137d2508f5e (krb5-1.20-beta1)
NOTE: Fixed by: https://github.com/krb5/krb5/commit/7d0d85bf99caf60c0afd4dcf91b0c4c683b983fe (master)
- NOTE: Fixed by https://github.com/krb5/krb5/commit/0c2de238b5bf1ea4578e3933a604c7850905b8be (krb5-1.21.3-final)
+ NOTE: Fixed by: https://github.com/krb5/krb5/commit/0c2de238b5bf1ea4578e3933a604c7850905b8be (krb5-1.21.3-final)
NOTE: https://mailman.mit.edu/pipermail/kerberos/2024-March/023095.html
CVE-2024-26461 (Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in / ...)
- krb5 <unfixed> (bug #1098754; unimportant)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/511242776bd5777fd41feb5997ff4d95c60e4b25
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/511242776bd5777fd41feb5997ff4d95c60e4b25
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250223/dc6093e6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list