[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
18a74861 by Salvatore Bonaccorso at 2025-01-28T21:44:23+01:00
Process one NFU

- - - - -
55954f1f by Salvatore Bonaccorso at 2025-01-28T21:44:23+01:00
Add CVE-2024-45340/go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,7 +47,7 @@ CVE-2024-8401 (CWE-79: Improper Neutralization of Input 
During Web Page Generati
 CVE-2024-7881 (An unprivileged context can trigger a data memory-dependent 
prefetch e ...)
        TODO: check
 CVE-2024-6351 (A malformed packet can cause a buffer overflow in the NWK/APS 
layer of ...)
-       TODO: check
+       NOT-FOR-US: Ember ZNet
 CVE-2024-40677 (In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, 
there is  ...)
        TODO: check
 CVE-2024-40676 (In checkKeyIntent of AccountManagerService.java, there is a 
possible w ...)
@@ -301,7 +301,12 @@ CVE-2024-53881 (NVIDIA vGPU software contains a 
vulnerability in the host driver
 CVE-2024-48662 (Cross Site Scripting vulnerability in AdGuard Application 
v.7.18.1 (47 ...)
        NOT-FOR-US: AdGuard Application
 CVE-2024-45340 (Credentials provided via the new GOAUTH feature were not being 
properl ...)
-       TODO: check
+       - golang-1.24 1.24~rc2-1
+       NOTE: https://go-review.googlesource.com/c/go/+/643097
+       NOTE: https://github.com/golang/go/issues/71249
+       NOTE: 
https://github.com/golang/go/commit/139d6eedae38f9e8bc81bb2c8c5c2c75d12853ab 
(maser)
+       NOTE: 
https://github.com/golang/go/commit/8336dfde7096ff75c1ff256cb3079863cefac33a 
(go1.24rc2)
+       TODO: check older branches
 CVE-2024-45339 (When logs are written to a widely-writable directory (the 
default), an ...)
        TODO: check
 CVE-2024-44172 (A privacy issue was addressed with improved private data 
redaction for ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a6a6c45e15c6029b418c83f8b589b017774c2f7f...55954f1f3aca53dd2843c1b500b55ba1ed8a2431

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a6a6c45e15c6029b418c83f8b589b017774c2f7f...55954f1f3aca53dd2843c1b500b55ba1ed8a2431
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits