[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag information for two upstream commits
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 27 16:30:27 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bdaa48ad by Salvatore Bonaccorso at 2025-10-27T17:29:30+01:00
Add upstream tag information for two upstream commits
- - - - -
1dad0c07 by Salvatore Bonaccorso at 2025-10-27T17:29:52+01:00
Add upstream issue reference for CVE-2025-9784
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20819,6 +20819,7 @@ CVE-2025-9828 (A vulnerability was determined in Tenda CP6 11.10.00.243. The aff
CVE-2025-9784 (A flaw was found in Undertow where malformed client requests can trigg ...)
- undertow 2.3.20-1 (bug #1117694)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2392306
+ NOTE: https://issues.redhat.com/browse/UNDERTOW-2598
NOTE: Dedicated CVE for undertow for the "MadeYouReset" DoS attack
CVE-2025-9696 (The SunPower PVS6's BluetoothLE interface is vulnerable due to its use ...)
NOT-FOR-US: SunPower PVS6's BluetoothLE interface
@@ -149473,7 +149474,7 @@ CVE-2024-6181 (A vulnerability was found in LabVantage LIMS 2017. It has been de
CVE-2024-6162 (A vulnerability was found in Undertow, where URL-encoded request paths ...)
- undertow 2.3.18-1 (bug #1077546)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2293069
- NOTE: Fixed by https://github.com/undertow-io/undertow/pull/1609/commits/90f202ada89b6d9883beed0f1fe10c99d470d9a8
+ NOTE: Fixed by: https://github.com/undertow-io/undertow/commit/90f202ada89b6d9883beed0f1fe10c99d470d9a8 (2.3.14.Final)
CVE-2024-5886
REJECTED
CVE-2024-5156 (The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Sc ...)
@@ -204329,7 +204330,7 @@ CVE-2023-6710 (A flaw was found in the mod_proxy_cluster in the Apache server. T
CVE-2023-5379 (A flaw was found in Undertow. When an AJP request is sent that exceeds ...)
- undertow 2.3.18-1 (bug #1059055)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2242099
- NOTE: Fixed by https://github.com/undertow-io/undertow/pull/1555/commits/b0732610112cb2066b5e43a47a11008edfacee02
+ NOTE: Fixed by: https://github.com/undertow-io/undertow/commit/b0732610112cb2066b5e43a47a11008edfacee02 (2.3.12.Final)
CVE-2023-49921 (An issue was discovered by Elastic whereby Watcher search input logged ...)
- elasticsearch <removed>
CVE-2023-6687 (An issue was discovered by Elastic whereby Elastic Agent would log a r ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9a7e5131e35d60285832dae4b7a6a331361c522e...1dad0c07c27cb298f89572cab0a4cc2e12fe5308
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9a7e5131e35d60285832dae4b7a6a331361c522e...1dad0c07c27cb298f89572cab0a4cc2e12fe5308
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251027/58e3d01e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list