Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bbbed30a by Salvatore Bonaccorso at 2024-06-03T21:52:36+02:00 Add Debian bug reference for CVE-2024-22641/tcpdf - - - - - 9b4f1533 by Salvatore Bonaccorso at 2024-06-03T21:53:33+02:00 Add Debian bug reference for CVE-2024-35226 - - - - - 9323cc09 by Salvatore Bonaccorso at 2024-06-03T21:54:20+02:00 Add Debian bug reference for CVE-2024-2199/389-ds-base - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1074,8 +1074,8 @@ CVE-2024-35240 (Umbraco Commerce is an open source dotnet ecommerce solution. In CVE-2024-35239 (Umbraco Commerce is an open source dotnet web forms solution. In affec ...) NOT-FOR-US: Umbraco Commerce CVE-2024-35226 (Smarty is a template engine for PHP, facilitating the separation of pr ...) - - smarty3 <unfixed> - - smarty4 <unfixed> + - smarty3 <unfixed> (bug #1072530) + - smarty4 <unfixed> (bug #1072529) NOTE: https://github.com/smarty-php/smarty/security/advisories/GHSA-4rmg-292m-wg3w NOTE: https://github.com/smarty-php/smarty/commit/76881c8d33d80648f70c9b0339f770f5f69a87a2 (v4.5.3) NOTE: https://github.com/smarty-php/smarty/commit/0be92bc8a6fb83e6e0d883946f7e7c09ba4e857a (v5.2.0) @@ -1084,7 +1084,7 @@ CVE-2024-23580 (HCL DRYiCE Optibot Reset Station is impacted byinsecure encrypti CVE-2024-23579 (HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of ...) NOT-FOR-US: HCL CVE-2024-22641 (TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Express ...) - - tcpdf <unfixed> + - tcpdf <unfixed> (bug #1072528) [bookworm] - tcpdf <no-dsa> (Minor issue) [bullseye] - tcpdf <no-dsa> (Minor issue) NOTE: https://github.com/tecnickcom/TCPDF/issues/724 @@ -1207,7 +1207,7 @@ CVE-2024-30164 (Amazon AWS Client VPN has a buffer overflow that could potential CVE-2024-2451 (Improper fingerprint validation in the TeamViewer Client (Full & Host) ...) NOT-FOR-US: TeamViewer CVE-2024-2199 (A denial of service vulnerability was found in 389-ds-base ldap server ...) - - 389-ds-base <unfixed> + - 389-ds-base <unfixed> (bug #1072531) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2267976 CVE-2024-29072 (A privilege escalation vulnerability exists in the Foxit Reader 2024.2 ...) NOT-FOR-US: Foxit Reader View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a79b0175394cf9652294e71b346d50121b57cd99...9323cc0924fa2a1bef113237ff30c72283d4c258 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a79b0175394cf9652294e71b346d50121b57cd99...9323cc0924fa2a1bef113237ff30c72283d4c258 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits