Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8cea774f by Sylvain Beucler at 2024-03-16T13:36:03+01:00
CVE-2024-26540/cimg: buster postponed, reference patch

- - - - -
246888dc by Sylvain Beucler at 2024-03-16T13:44:52+01:00
CVE-2024-28849/node-follow-redirects: buster postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -351,7 +351,12 @@ CVE-2024-26540 (A heap-based buffer overflow in Clmg 
before 3.3.3 can occur via
        - cimg <unfixed>
        [bookworm] - cimg <no-dsa> (Minor issue)
        [bullseye] - cimg <no-dsa> (Minor issue)
+       [buster] - cimg <postponed> (Minor issue; no rdeps)
        NOTE: https://github.com/GreycLab/CImg/issues/403
+       NOTE: 
https://github.com/GreycLab/CImg/commit/6a97a5209987e60fcce293ea102a068a88085098
 (v.3.3.3)
+       NOTE: 
https://github.com/GreycLab/CImg/commit/c214dfee22a3fedcfae48fba7645f7a819cc9385
 (v.3.3.3)
+       NOTE: 
https://github.com/GreycLab/CImg/commit/ec6a1f2183620a90b4dcf456813e597ade791dc6
 (v.3.3.3)
+       NOTE: 
https://github.com/GreycLab/CImg/commit/cb9c5518905ea370954a59903ff747650c6edd40
 (v.3.3.3)
 CVE-2024-26503 (Unrestricted File Upload vulnerability in Greek Universities 
Network O ...)
        NOT-FOR-US: Greek Universities Network Open eClass
 CVE-2024-26475 (An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and 
fixed in v.5 ...)
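Review bot: The four added NOTE lines for CVE-2024-26540 all carry the same "(v.3.3.3)" tag and nothing says which commit is the actual fix and which are follow-ups, although the commit message speaks of a single "reference patch". Anyone backporting to buster later will have to re-read all four upstream commits to work that out, so a short annotation per line (for example marking the main fix and the follow-up commits) would help. As a style point, the tag is written "v.3.3.3" here while the follow-redirects entry in the same file uses "v1.15.6"; one form would be easier to search for.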
@@ -417,6 +422,7 @@ CVE-2024-28849 (follow-redirects is an open source, drop-in 
replacement for Node
        - node-follow-redirects <unfixed> (bug #1066971)
        [bookworm] - node-follow-redirects <no-dsa> (Minor issue)
        [bullseye] - node-follow-redirects <no-dsa> (Minor issue)
+       [buster] - node-follow-redirects <postponed> (Follow-up to 
CVE-2022-0155)
        NOTE: 
https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp
        NOTE: https://github.com/psf/requests/issues/1885
        NOTE: 
https://github.com/follow-redirects/follow-redirects/commit/c4f847f85176991f95ab9c88af63b1294de8649b
 (v1.15.6)
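Review bot: The reason on the added buster line, "(Follow-up to CVE-2022-0155)", states how the issue relates to an earlier CVE but not why it is being postponed, whereas the bookworm and bullseye lines directly above give "(Minor issue)" and the cimg entry in this same push uses "(Minor issue; no rdeps)". Consider "(Minor issue; follow-up to CVE-2022-0155)" so the triage rationale is visible on the line itself, and, if the buster status of CVE-2022-0155 is what drives the decision, say so in a NOTE.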



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5c76fbe69e1756873c56b82990615c555d15f113...246888dcbdba2fe2cdc324dabfe4f7aa6abfab02



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
