[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 08 Dec 2024 12:13:07 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3147975a by security tracker role at 2024-12-08T20:12:45+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2024-12343 (A vulnerability classified as critical has been found in 
TP-Link VN020 ...)
+       TODO: check
 CVE-2024-53473 (WeGIA 3.2.0 before 3998672 does not verify permission to 
change a pass ...)
        TODO: check
 CVE-2024-12342 (A vulnerability was found in TP-Link VN020 F3v(T) 
TT_V6.2.1021. It has ...)
@@ -4185,26 +4187,26 @@ CVE-2024-11477 (7-Zip Zstandard Decompression Integer 
Underflow Remote Code Exec
        - p7zip <not-affected> (Vulnerable code not present)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
 CVE-2024-11233 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 
8.3.* before ...)
-       {DSA-5819-1}
+       {DSA-5819-1 DLA-3986-1}
        - php8.2 8.2.26-4 (bug #1088688)
        - php7.4 <removed>
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-r977-prxv-hc43
        NOTE: 
https://github.com/php/php-src/commit/a6c84cd7efd7eaaaefd4463412508df570d35358 
(php-8.2.26)
 CVE-2024-11234 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 
8.3.* before ...)
-       {DSA-5819-1}
+       {DSA-5819-1 DLA-3986-1}
        - php8.2 8.2.26-4 (bug #1088688)
        - php7.4 <removed>
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2
        NOTE: 
https://github.com/php/php-src/commit/cf6700e86d6357420a7c8386da63d48fec55f633 
(php-8.2.26)
 CVE-2024-11236 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 
8.3.* before ...)
-       {DSA-5819-1}
+       {DSA-5819-1 DLA-3986-1}
        - php8.2 8.2.26-4 (bug #1088688)
        - php7.4 <removed>
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-5hqh-c84r-qjcv
        NOTE: 
https://github.com/php/php-src/commit/7742f79a8a9c20522dbf40e1dc1d4ccad71d399c 
(php-8.2.26)
        NOTE: 
https://github.com/php/php-src/commit/2dbe1425c5768faea2aa7bca26081dd208c94ac8 
(php-8.2.26)
 CVE-2024-8929 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* 
before ...)
-       {DSA-5819-1}
+       {DSA-5819-1 DLA-3986-1}
        - php8.2 8.2.26-4 (bug #1088688)
        - php7.4 <removed>
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-h35g-vwh6-m678
@@ -4212,7 +4214,7 @@ CVE-2024-8929 (In PHP versions 8.1.* before 8.1.31, 8.2.* 
before 8.2.26, 8.3.* b
        NOTE: Follow-up: 
https://github.com/php/php-src/commit/abc6de0ddec93564e9faa8065ac5756a1fbaf763 
(php-8.2.26)
        NOTE: Follow-up: 
https://github.com/php/php-src/commit/913031c844737d78a62c4af2aab1c3eeb7dc95bf 
(php-8.2.26)
 CVE-2024-8932 (In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* 
before ...)
-       {DSA-5819-1}
+       {DSA-5819-1 DLA-3986-1}
        - php8.2 8.2.26-4 (bug #1088688)
        - php7.4 <removed>
        NOTE: 
https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff
@@ -125386,7 +125388,7 @@ CVE-2020-36728 (The Adning Advertising plugin for 
WordPress is vulnerable to fil
 CVE-2020-36705 (The Adning Advertising plugin for WordPress is vulnerable to 
arbitrary ...)
        NOT-FOR-US: Adning Advertising plugin for WordPress
 CVE-2023-33865 (RenderDoc before 1.27 allows local privilege escalation via a 
symlink  ...)
-       {DLA-3501-1}
+       {DLA-3987-1 DLA-3501-1}
        - renderdoc 1.27+dfsg-1 (bug #1037208)
        [bookworm] - renderdoc <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
@@ -125396,7 +125398,7 @@ CVE-2023-33865 (RenderDoc before 1.27 allows local 
privilege escalation via a sy
        NOTE: 
https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e
 (v1.27)
        NOTE: 
https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b
 (v1.27)
 CVE-2023-33864 (StreamReader::ReadFromExternal in RenderDoc before 1.27 allows 
an Inte ...)
-       {DLA-3501-1}
+       {DLA-3987-1 DLA-3501-1}
        - renderdoc 1.27+dfsg-1 (bug #1037208)
        [bookworm] - renderdoc <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3
@@ -125406,7 +125408,7 @@ CVE-2023-33864 (StreamReader::ReadFromExternal in 
RenderDoc before 1.27 allows a
        NOTE: 
https://github.com/baldurk/renderdoc/commit/203fc8382a79d53d2035613d9425d966b1d4958e
 (v1.27)
        NOTE: 
https://github.com/baldurk/renderdoc/commit/771aa8e769b72e6a36b31d6e2116db9952dcbe9b
 (v1.27)
 CVE-2023-33863 (SerialiseValue in RenderDoc before 1.27 allows an Integer 
Overflow wit ...)
-       {DLA-3501-1}
+       {DLA-3987-1 DLA-3501-1}
        - renderdoc 1.27+dfsg-1 (bug #1037208)
        [bookworm] - renderdoc <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2023/06/06/3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3147975a90fad31a9e3c5984f6e91afea70fe81a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3147975a90fad31a9e3c5984f6e91afea70fe81a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to