[Git][security-tracker-team/security-tracker][master] add some note for CVE-2024-45508
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Fri Jan 23 13:37:17 GMT 2026
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0868d13f by Thorsten Alteholz at 2026-01-23T14:36:49+01:00
add some note for CVE-2024-45508
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -166483,6 +166483,10 @@ CVE-2024-45508 (HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragr
[bullseye] - htmldoc <postponed> (Minor issue)
NOTE: https://github.com/michaelrsweet/htmldoc/issues/528
NOTE: https://github.com/michaelrsweet/htmldoc/commit/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2
+ NOTE: in issue #528 a regression was mentioned that should be fixed by:
+ NOTE: https://github.com/michaelrsweet/htmldoc/commit/aaffa753c0dfe1b82a43051847f77c582e32a235
+ NOTE: but this commit is basically a revert of the initial fix
+ NOTE: attention: in version 1.9.19 a new string pool was introduced
CVE-2024-45270 (WordPress plugin "Carousel Slider" provided by Sayful Islam contains a ...)
NOT-FOR-US: WordPress plugin
CVE-2024-45269 (WordPress plugin "Carousel Slider" provided by Sayful Islam contains a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0868d13f0a17363777fbdb9687dbfe2ddbb3d82c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0868d13f0a17363777fbdb9687dbfe2ddbb3d82c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260123/27688846/attachment.htm>
More information about the debian-security-tracker-commits
mailing list