[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-53846/erlang

Fri Sep 12 21:01:00 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c7e41b5 by Salvatore Bonaccorso at 2025-09-12T22:00:19+02:00
Update status for CVE-2024-53846/erlang

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -88874,7 +88874,11 @@ CVE-2024-53856 (rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1,
 	- rust-pgp 0.14.2-1
 	NOTE: https://github.com/rpgp/rpgp/security/advisories/GHSA-9rmp-2568-59rv
 CVE-2024-53846 (OTP is a set of Erlang libraries, which consists of the Erlang runtime ...)
-	NOT-FOR-US: Erlang OTP
+	- erlang 1:27.2+dfsg-1
+	[bookworm] - erlang <not-affected> (Vulnerable code introduced later)
+	[bullseye] - erlang <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/erlang/otp/security/advisories/GHSA-qw6r-qh9v-638v
+	NOTE: Introduced with: https://github.com/erlang/otp/commit/e7cd7fc40973493096f1582ae9089d87a7e88991#diff-ad2e52bd3adefb3dc79ab09e6124161de02878ff04d0e27c09fa0d548f0e21a7 (OTP-25.3.2.8, OTP-26.2)
 CVE-2024-53703 (A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv ...)
 	NOT-FOR-US: SonicWall
 CVE-2024-53702 (Use of cryptographically weak pseudo-random number generator (PRNG) vu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c7e41b55b4a6defb155f672ff6ff0a9abb0a3d2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c7e41b55b4a6defb155f672ff6ff0a9abb0a3d2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250912/703bf39b/attachment-0001.htm>
