[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-7254
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 3 22:05:39 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b011e244 by Salvatore Bonaccorso at 2025-07-03T23:05:06+02:00
Update status for CVE-2024-7254
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -88043,12 +88043,16 @@ CVE-2024-8850 (The MC4WP: Mailchimp for WordPress plugin for WordPress is vulner
CVE-2024-8364 (The WP Custom Fields Search plugin for WordPress is vulnerable to Stor ...)
NOT-FOR-US: WordPress plugin
CVE-2024-7254 (Any project that parses untrusted Protocol Buffers datacontaining an a ...)
- - protobuf 3.21.12-11 (bug #1082381)
+ - protobuf <unfixed> (bug #1082381)
[bookworm] - protobuf <no-dsa> (Minor issue)
[bullseye] - protobuf <postponed> (Minor issue)
- rust-protobuf <unfixed> (bug #1103833)
[bookworm] - rust-protobuf <no-dsa> (Minor issue)
- NOTE: https://github.com/protocolbuffers/protobuf/commit/cc8b3483a5584b3301e3d43d17eb59704857ffaa
+ NOTE: https://github.com/protocolbuffers/protobuf/commit/b7044987de77f1dc368fee558636d0b56d7e75e1 (v3.25.5)
+ NOTE: https://github.com/protocolbuffers/protobuf/commit/850fcce9176e2c9070614dab53537760498c926b (v3.25.5)
+ NOTE: https://github.com/protocolbuffers/protobuf/commit/4728531c162f2f9e8c2ca1add713cfee2db6be3b (v3.25.5)
+ NOTE: https://github.com/protocolbuffers/protobuf/commit/f000b7e18fd6921ca02ea4b87608e8cadcb7b64f (v3.25.5)
+ NOTE: https://github.com/protocolbuffers/protobuf/commit/b5a7cf7cf4b7e39f6b02205e45afe2104a7faf81 (v3.25.5)
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0437.html
NOTE: https://github.com/advisories/GHSA-735f-pc8j-v9w8
NOTE: https://github.com/stepancheg/rust-protobuf/issues/749
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b011e244ca15eb8db402f1e7ab5403f7fe7fa7a8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b011e244ca15eb8db402f1e7ab5403f7fe7fa7a8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250703/064c148d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list