[Git][security-tracker-team/security-tracker][master] Update status for ofono issues in unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 15 09:33:51 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7f0f72d8 by Salvatore Bonaccorso at 2025-03-15T10:33:25+01:00
Update status for ofono issues in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -63253,16 +63253,19 @@ CVE-2024-7539 (oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerabili
[bullseye] - ofono <postponed> (Revisit when/if fixed upstream)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1079/
NOTE: https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=389e2344f86319265fb72ae590b470716e038fdc
+ NOTE: https://lore.kernel.org/ofono/DM5PR0102MB3477EF696990E9AF78891586805F2@DM5PR0102MB3477.prod.exchangelabs.com/
CVE-2024-7538 (oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulne ...)
- - ofono <unfixed> (bug #1078555)
+ - ofono 2.14-1 (bug #1078555)
[bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
[bullseye] - ofono <postponed> (Revisit when/if fixed upstream)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1078/
+ NOTE: https://lore.kernel.org/ofono/BYAPR01MB3830CC0A4CA324706691F19380D62@BYAPR01MB3830.prod.exchangelabs.com/
CVE-2024-7537 (oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulne ...)
- ofono <unfixed> (bug #1099190)
[bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
[bullseye] - ofono <postponed> (Revisit when/if fixed upstream)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1077/
+ NOTE: https://lore.kernel.org/ofono/BYAPR01MB3830B08E8DB1D76A9A85B07680D62@BYAPR01MB3830.prod.exchangelabs.com/T/#u
CVE-2024-7006 (A null pointer dereference flaw was found in Libtiff via `tif_dirinfo. ...)
{DLA-4026-1}
- tiff 4.5.1+git230720-5 (bug #1078648)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f0f72d8510c108f73c86e4574fe214536997458
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f0f72d8510c108f73c86e4574fe214536997458
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250315/dbe1ceae/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list