Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a4f00baa by Salvatore Bonaccorso at 2024-08-21T23:04:40+02:00 Add CVE-2024-43407/ckeditor - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -118,7 +118,11 @@ CVE-2024-43411 (CKEditor4 is an open source what-you-see-is-what-you-get HTML ed CVE-2024-43410 (Russh is a Rust SSH client & server library. Allocating an untrusted a ...) TODO: check CVE-2024-43407 (CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. ...) - TODO: check + - ckeditor <unfixed> + NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7r32-vfj5-c2jv + NOTE: Fixed by removing the plugins/codesnippetgeshi/dev directory completely. + NOTE: https://github.com/ckeditor/ckeditor4/commit/71072c9f7f263329841bd38e7e5309074c82ef94 (4.25.0-lts) + NOTE: https://github.com/ckeditor/ckeditor4/commit/951e7d75fcbcaa2590b0719fb0bb0dd0539ca6fa (4.25.0-lts) CVE-2024-43371 (CKAN is an open-source data management system for powering data hubs a ...) NOT-FOR-US: CKAN CVE-2024-43027 (DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1. ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4f00baa82c6f2b5739ec4025c6d48cdec61e97e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4f00baa82c6f2b5739ec4025c6d48cdec61e97e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits