[Git][security-tracker-team/security-tracker][master] Mark Bullseye as not affected by CVE-2024-50305 and CVE-2024-50306
Daniel Leidert (@dleidert)
dleidert at debian.org
Wed Jan 1 01:53:19 GMT 2025
Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c18e4d4c by Daniel Leidert at 2025-01-01T02:51:23+01:00
Mark Bullseye as not affected by CVE-2024-50305 and CVE-2024-50306
The advisories only list 9.x and 10.x as vulnerable.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12476,6 +12476,7 @@ CVE-2024-10146 (The Simple File List WordPress plugin before 6.1.13 does not san
NOT-FOR-US: WordPress plugin
CVE-2024-50306 (Unchecked return value can allow Apache Traffic Server to retain privi ...)
- trafficserver <unfixed> (bug #1087531)
+ [bullseye] - trafficserver <not-affected> (Only affects 9.x and 10.x)
NOTE: https://www.openwall.com/lists/oss-security/2024/11/13/1
NOTE: https://github.com/apache/trafficserver/pull/11855
NOTE: Fixed by: https://github.com/apache/trafficserver/commit/27f504883547502b1f5e4e389edd7f26e3ab246f (9.2.6-rc0)
@@ -12490,6 +12491,7 @@ CVE-2024-38479 (Improper Input Validation vulnerability in Apache Traffic Server
NOTE: https://github.com/apache/trafficserver/commit/b8861231702ac5df7d5de401e82440c1cf20b633 (9.2.6-rc0)
CVE-2024-50305 (Valid Host header field can cause Apache Traffic Server to crash on so ...)
- trafficserver <unfixed> (bug #1087531)
+ [bullseye] - trafficserver <not-affected> (Only affects 9.x and 10.x)
NOTE: https://www.openwall.com/lists/oss-security/2024/11/13/1
NOTE: https://github.com/apache/trafficserver/issues/8461
NOTE: https://github.com/apache/trafficserver/commit/5e39658f7c0bc91613468c9513ba22ede1739d7e (9.2.6-rc0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c18e4d4c51909cd536fce66fb58090352d4a8b2c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c18e4d4c51909cd536fce66fb58090352d4a8b2c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250101/46259766/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list