[Git][security-tracker-team/security-tracker][master] Mark Bullseye as not affected by CVE-2024-50305 and CVE-2024-50306

Daniel Leidert (@dleidert) dleidert at debian.org
Wed Jan 1 01:53:19 GMT 2025



Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c18e4d4c by Daniel Leidert at 2025-01-01T02:51:23+01:00
Mark Bullseye as not affected by CVE-2024-50305 and CVE-2024-50306

The advisories only list 9.x and 10.x as vulnerable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12476,6 +12476,7 @@ CVE-2024-10146 (The Simple File List WordPress plugin before 6.1.13 does not san
 	NOT-FOR-US: WordPress plugin
 CVE-2024-50306 (Unchecked return value can allow Apache Traffic Server to retain privi ...)
 	- trafficserver <unfixed> (bug #1087531)
+	[bullseye] - trafficserver <not-affected> (Only affects 9.x and 10.x)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/11/13/1
 	NOTE: https://github.com/apache/trafficserver/pull/11855
 	NOTE: Fixed by: https://github.com/apache/trafficserver/commit/27f504883547502b1f5e4e389edd7f26e3ab246f (9.2.6-rc0)
@@ -12490,6 +12491,7 @@ CVE-2024-38479 (Improper Input Validation vulnerability in Apache Traffic Server
 	NOTE: https://github.com/apache/trafficserver/commit/b8861231702ac5df7d5de401e82440c1cf20b633 (9.2.6-rc0)
 CVE-2024-50305 (Valid Host header field can cause Apache Traffic Server to crash on so ...)
 	- trafficserver <unfixed> (bug #1087531)
+	[bullseye] - trafficserver <not-affected> (Only affects 9.x and 10.x)
 	NOTE: https://www.openwall.com/lists/oss-security/2024/11/13/1
 	NOTE: https://github.com/apache/trafficserver/issues/8461
 	NOTE: https://github.com/apache/trafficserver/commit/5e39658f7c0bc91613468c9513ba22ede1739d7e (9.2.6-rc0)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c18e4d4c51909cd536fce66fb58090352d4a8b2c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c18e4d4c51909cd536fce66fb58090352d4a8b2c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250101/46259766/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list