Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a9100fb6 by Salvatore Bonaccorso at 2024-04-05T21:52:18+02:00
Add CVE-2024-28871/libhtp
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -143,7 +143,13 @@ CVE-2024-29191 (gotortc is a camera streaming application.
Versions 1.8.5 and pr
CVE-2024-29182 (Collabora Online is a collaborative online office suite based
on Libre ...)
NOT-FOR-US: Collabora Online
CVE-2024-28871 (LibHTP is a security-aware parser for the HTTP protocol and
the relate ...)
- TODO: check
+ - libhtp 1:0.5.47-1
+ [bookworm] - libhtp <not-affected> (Vulnerable code introduced in
0.5.46)
+ [bullseye] - libhtp <not-affected> (Vulnerable code introduced in
0.5.46)
+ NOTE:
https://github.com/OISF/libhtp/security/advisories/GHSA-ffr2-45w9-7wmg
+ NOTE: Introduced by:
https://github.com/OISF/libhtp/commit/bf618ec7f243cebfb0f7e84c3cb158955cb32b4d
(0.5.46)
+ NOTE: Fixed by:
https://github.com/OISF/libhtp/commit/79e713f3e527593a45f545e854cd9e6fbb3cd3ed
(0.5.47)
+ NOTE: https://redmine.openinfosecfoundation.org/issues/6757
CVE-2024-28787 (IBM Security Verify Access 10.0.0 through 10.0.7 and IBM
Application G ...)
NOT-FOR-US: IBM
CVE-2024-27575 (Directory Traversal vulnerability in INOTEC Sicherheitstechnik
GmbH IN ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9100fb6b7837f0e3e2d3d859d2bb0c96900c509
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9100fb6b7837f0e3e2d3d859d2bb0c96900c509
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
