Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 426c289a by Salvatore Bonaccorso at 2024-03-06T21:45:22+01:00 Add CVE-2024-27304/golang-github-jackc-pgx - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -13,7 +13,11 @@ CVE-2024-27915 (Sulu is a PHP content management system. Starting in verson 2.2. CVE-2024-27307 (JSONata is a JSON query and transformation language. Starting in versi ...) TODO: check CVE-2024-27304 (pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur ...) - TODO: check + - golang-github-jackc-pgx <unfixed> + NOTE: https://github.com/jackc/pgx/security/advisories/GHSA-mrww-27vc-gghv + NOTE: https://github.com/jackc/pgx/commit/adbb38f298c76e283ffc7c7a3f571036fea47fd4 (v5.5.4) + NOTE: https://github.com/jackc/pgx/commit/c543134753a0c5d22881c12404025724cb05ffd8 (v5.5.4) + NOTE: https://github.com/jackc/pgx/commit/f94eb0e2f96782042c96801b5ac448f44f0a81df (v4.18.2) CVE-2024-27303 (electron-builder is a solution to package and build a ready for distri ...) TODO: check CVE-2024-27302 (go-zero is a web and rpc framework. Go-zero allows user to specify a C ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/426c289a0216367ef5eccf220234906db282329d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/426c289a0216367ef5eccf220234906db282329d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits