[Git][security-tracker-team/security-tracker][master] Add advisory reference for CVE-2024-13939/libstring-compare-constanttime-perl
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 28 19:44:53 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e988bade by Salvatore Bonaccorso at 2025-03-28T20:39:01+01:00
Add advisory reference for CVE-2024-13939/libstring-compare-constanttime-perl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85,6 +85,7 @@ CVE-2024-49563 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neu
NOT-FOR-US: Dell / EMC
CVE-2024-13939 (String::Compare::ConstantTime for Perl through 0.321 is vulnerable to ...)
- libstring-compare-constanttime-perl <unfixed> (bug #1101502)
+ NOTE: https://lists.security.metacpan.org/cve-announce/msg/28284732/
NOTE: https://metacpan.org/release/FRACTAL/String-Compare-ConstantTime-0.321/view/lib/String/Compare/ConstantTime.pm#TIMING-SIDE-CHANNEL
CVE-2024-56325
NOT-FOR-US: Apache Pinot
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e988badecd7ff43ad720f07f8b347e399f140592
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e988badecd7ff43ad720f07f8b347e399f140592
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250328/c748fffe/attachment.htm>
More information about the debian-security-tracker-commits
mailing list