[Git][security-tracker-team/security-tracker][master] 2 commits: new virtuoso-opensource issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jan 15 09:32:58 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7b5dd8a4 by Moritz Muehlenhoff at 2025-01-15T10:24:26+01:00
new virtuoso-opensource issues
- - - - -
02cb2ba6 by Moritz Muehlenhoff at 2025-01-15T10:32:33+01:00
new ratfor issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -54,7 +54,9 @@ CVE-2024-57473 (H3C N12 V100R005 contains a buffer overflow vulnerability due to
CVE-2024-57471 (H3C N12 V100R005 contains a buffer overflow vulnerability due to the l ...)
NOT-FOR-US: H3C N12 V100R005
CVE-2024-55577 (Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 ...)
- TODO: check
+ - ratfor <unfixed>
+ [bookworm] - ratfor <no-dsa> (Minor issue)
+ NOTE: http://www.dgate.org/ratfor/#changehistory
CVE-2024-54730 (Flatnotes <v5.3.1 is vulnerable to denial of service through the uploa ...)
TODO: check
CVE-2024-54142 (Discourse AI is a Discourse plugin which provides a number of AI featu ...)
@@ -1036,21 +1038,36 @@ CVE-2024-57654 (An issue in the qst_vec_get_int64 component of openlink virtuoso
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1205
NOTE: https://github.com/openlink/virtuoso-opensource/commit/de5a2fd87577b8bd72ce009fe6b9d374b5d94742 (v7.2.12)
CVE-2024-57653 (An issue in the qst_vec_set_copy component of openlink virtuoso-openso ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1208
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/90d7d3e12d7ea62ed2ed0274d03f33a1cd65c58b (v7.2.12)
CVE-2024-57652 (An issue in the numeric_to_dv component of openlink virtuoso-opensourc ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1198
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/b14ad6460418c2fbaf3f278b75d7b27da361a297 (v7.2.12)
CVE-2024-57651 (An issue in the jp_add component of openlink virtuoso-opensource v7.2. ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1196
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/d905d53aa5d8f17877898b0196d07a53121e551f (v7.2.12)
CVE-2024-57650 (An issue in the qi_inst_state_free component of openlink virtuoso-open ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1204
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/3d1a576d8d0bdd295bf7529a544ed6d13976bbe4 (v7.2.12)
CVE-2024-57649 (An issue in the qst_vec_set component of openlink virtuoso-opensource ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1206
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/8f26eaca48cf6368962893326407b0aaeecce7f5 (v7.2.12)
CVE-2024-57648 (An issue in the itc_set_param_row component of openlink virtuoso-opens ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1195
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/97291b7abad04bce0c60c952b48b529724c1016c (v7.2.12)
CVE-2024-57647 (An issue in the row_insert_cast component of openlink virtuoso-opensou ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1207
CVE-2024-57646 (An issue in the psiginfo component of openlink virtuoso-opensource v7. ...)
- TODO: check
+ - virtuoso-opensource 7.2.12+dfsg-0.2
+ NOTE: https://github.com/openlink/virtuoso-opensource/issues/1199
+ NOTE: https://github.com/openlink/virtuoso-opensource/commit/301135ac866ac434e8d87c5960ea324a196fe82d (v7.2.12)
CVE-2024-57645 (An issue in the qi_inst_state_free component of openlink virtuoso-open ...)
TODO: check
CVE-2024-57644 (An issue in the itc_hash_compare component of openlink virtuoso-openso ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/09d2782b224f8c90f34502e33304371b0463d8ed...02cb2ba6e128bd3f04655eab155bf4f01629ac48
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/09d2782b224f8c90f34502e33304371b0463d8ed...02cb2ba6e128bd3f04655eab155bf4f01629ac48
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250115/20ffa6b1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list