Merge ~sayun/ubuntu-cve-tracker/+git/UCT:CVE-2023-4508-etal into ubuntu-cve-tracker:master
Proposed by
Chris
Status: | Merged |
---|---|
Merged at revision: | 51b26371a511b99498b7601c1faef67496979e2d |
Proposed branch: | ~sayun/ubuntu-cve-tracker/+git/UCT:CVE-2023-4508-etal |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
13708 lines (+5612/-33) 137 files modified
active/CVE-2023-4508 (+8/-6) dev/null (+0/-27) retired/CVE-2023-45285 (+61/-0) retired/CVE-2023-46049 (+161/-0) retired/CVE-2023-46219 (+39/-0) retired/CVE-2023-46246 (+43/-0) retired/CVE-2023-4641 (+41/-0) retired/CVE-2023-46751 (+38/-0) retired/CVE-2023-47470 (+39/-0) retired/CVE-2023-47471 (+37/-0) retired/CVE-2023-48426 (+38/-0) retired/CVE-2023-4863 (+97/-0) retired/CVE-2023-48706 (+45/-0) retired/CVE-2023-4911 (+54/-0) retired/CVE-2023-49355 (+39/-0) retired/CVE-2023-49465 (+36/-0) retired/CVE-2023-49467 (+36/-0) retired/CVE-2023-49468 (+35/-0) retired/CVE-2023-4949 (+34/-0) retired/CVE-2023-49721 (+35/-0) retired/CVE-2023-50246 (+35/-0) retired/CVE-2023-50268 (+37/-0) retired/CVE-2023-50292 (+47/-0) retired/CVE-2023-50298 (+48/-0) retired/CVE-2023-50386 (+52/-0) retired/CVE-2023-5680 (+52/-0) retired/CVE-2023-5732 (+39/-0) retired/CVE-2023-6246 (+54/-0) retired/CVE-2023-6247 (+33/-0) retired/CVE-2023-6258 (+35/-0) retired/CVE-2023-6277 (+51/-0) retired/CVE-2023-6779 (+51/-0) retired/CVE-2023-6780 (+51/-0) retired/CVE-2023-7207 (+41/-0) retired/CVE-2024-0232 (+59/-0) retired/CVE-2024-0567 (+45/-0) retired/CVE-2024-0853 (+38/-0) retired/CVE-2024-1048 (+75/-0) retired/CVE-2024-1059 (+36/-0) retired/CVE-2024-1060 (+36/-0) retired/CVE-2024-1077 (+36/-0) retired/CVE-2024-1283 (+36/-0) retired/CVE-2024-1284 (+36/-0) retired/CVE-2024-1488 (+37/-0) retired/CVE-2024-1669 (+34/-0) retired/CVE-2024-1670 (+34/-0) retired/CVE-2024-1671 (+34/-0) retired/CVE-2024-1672 (+34/-0) retired/CVE-2024-1673 (+35/-0) retired/CVE-2024-1674 (+34/-0) retired/CVE-2024-1675 (+34/-0) retired/CVE-2024-1676 (+34/-0) retired/CVE-2024-1874 (+86/-0) retired/CVE-2024-1899 (+28/-0) retired/CVE-2024-1936 (+33/-0) retired/CVE-2024-1938 (+32/-0) retired/CVE-2024-1939 (+32/-0) retired/CVE-2024-2004 (+41/-0) retired/CVE-2024-20290 (+44/-0) retired/CVE-2024-20328 (+41/-0) retired/CVE-2024-20380 (+36/-0) retired/CVE-2024-20932 (+180/-0) retired/CVE-2024-2173 (+31/-0) retired/CVE-2024-2174 (+31/-0) 
retired/CVE-2024-2176 (+31/-0) retired/CVE-2024-22195 (+43/-0) retired/CVE-2024-22563 (+36/-0) retired/CVE-2024-22667 (+39/-0) retired/CVE-2024-22860 (+36/-0) retired/CVE-2024-22861 (+34/-0) retired/CVE-2024-22862 (+35/-0) retired/CVE-2024-2313 (+33/-0) retired/CVE-2024-2314 (+34/-0) retired/CVE-2024-2379 (+34/-0) retired/CVE-2024-2397 (+30/-0) retired/CVE-2024-2398 (+39/-0) retired/CVE-2024-2400 (+33/-0) retired/CVE-2024-24246 (+34/-0) retired/CVE-2024-24482 (+33/-0) retired/CVE-2024-24575 (+48/-0) retired/CVE-2024-2466 (+36/-0) retired/CVE-2024-24761 (+29/-0) retired/CVE-2024-24806 (+53/-0) retired/CVE-2024-24826 (+37/-0) retired/CVE-2024-24989 (+39/-0) retired/CVE-2024-24990 (+39/-0) retired/CVE-2024-25112 (+37/-0) retired/CVE-2024-2625 (+31/-0) retired/CVE-2024-2626 (+31/-0) retired/CVE-2024-2627 (+31/-0) retired/CVE-2024-2628 (+31/-0) retired/CVE-2024-2629 (+31/-0) retired/CVE-2024-2630 (+31/-0) retired/CVE-2024-2631 (+31/-0) retired/CVE-2024-27285 (+42/-0) retired/CVE-2024-27308 (+55/-0) retired/CVE-2024-27456 (+35/-0) retired/CVE-2024-27508 (+34/-0) retired/CVE-2024-2757 (+86/-0) retired/CVE-2024-27913 (+47/-0) retired/CVE-2024-2883 (+31/-0) retired/CVE-2024-28834 (+41/-0) retired/CVE-2024-28835 (+38/-0) retired/CVE-2024-2885 (+31/-0) retired/CVE-2024-2886 (+31/-0) retired/CVE-2024-28862 (+32/-0) retired/CVE-2024-2887 (+31/-0) retired/CVE-2024-3094 (+40/-0) retired/CVE-2024-31392 (+91/-0) retired/CVE-2024-31393 (+91/-0) retired/CVE-2024-3156 (+31/-0) retired/CVE-2024-3157 (+32/-0) retired/CVE-2024-3158 (+31/-0) retired/CVE-2024-3159 (+31/-0) retired/CVE-2024-31949 (+40/-0) retired/CVE-2024-32487 (+35/-0) retired/CVE-2024-32662 (+54/-0) retired/CVE-2024-3515 (+31/-0) retired/CVE-2024-3516 (+31/-0) retired/CVE-2024-3832 (+31/-0) retired/CVE-2024-3833 (+31/-0) retired/CVE-2024-3834 (+33/-0) retired/CVE-2024-3837 (+34/-0) retired/CVE-2024-3838 (+34/-0) retired/CVE-2024-3839 (+33/-0) retired/CVE-2024-3840 (+31/-0) retired/CVE-2024-3841 (+31/-0) 
retired/CVE-2024-3843 (+31/-0) retired/CVE-2024-3844 (+31/-0) retired/CVE-2024-3845 (+31/-0) retired/CVE-2024-3846 (+32/-0) retired/CVE-2024-3847 (+31/-0) retired/CVE-2024-3863 (+93/-0) retired/CVE-2024-3914 (+29/-0) retired/CVE-2024-4058 (+27/-0) retired/CVE-2024-4059 (+27/-0) retired/CVE-2024-4060 (+27/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Steve Beattie | Approve | ||
Review via email: mp+465355@code.launchpad.net |
Commit message
Update UCT with CVE-2023-4508. Also retiring a lot of other CVEs.
Description of the change
Preview Diff
1 | diff --git a/active/CVE-2023-4508 b/active/CVE-2023-4508 |
2 | index 667cc9f..ef89eb4 100644 |
3 | --- a/active/CVE-2023-4508 |
4 | +++ b/active/CVE-2023-4508 |
5 | @@ -1,7 +1,9 @@ |
6 | +PublicDateAtUSN: 2023-08-24 23:15:00 UTC |
7 | Candidate: CVE-2023-4508 |
8 | PublicDate: 2023-08-24 23:15:00 UTC |
9 | References: |
10 | https://www.cve.org/CVERecord?id=CVE-2023-4508 |
11 | + https://ubuntu.com/security/notices/USN-6760-1 |
12 | Description: |
13 | A user able to control file input to Gerbv, between versions 2.4.0 and |
14 | 2.10.0, can cause a crash and cause denial-of-service with a specially |
15 | @@ -25,15 +27,15 @@ Patches_gerbv: |
16 | upstream_gerbv: released (2.10.0) |
17 | trusty_gerbv: ignored (end of standard support) |
18 | xenial_gerbv: ignored (end of standard support) |
19 | -esm-apps/xenial_gerbv: needed |
20 | +esm-apps/xenial_gerbv: released (2.6.0-1ubuntu0.16.04.1~esm2) |
21 | bionic_gerbv: ignored (end of standard support) |
22 | -esm-apps/bionic_gerbv: needed |
23 | -focal_gerbv: needed |
24 | -esm-apps/focal_gerbv: needed |
25 | +esm-apps/bionic_gerbv: released (2.6.1-3ubuntu0.1~esm2) |
26 | +focal_gerbv: released (2.7.0-1ubuntu0.2) |
27 | +esm-apps/focal_gerbv: not-affected (2.7.0-1ubuntu0.2) |
28 | jammy_gerbv: needed |
29 | -esm-apps/jammy_gerbv: needed |
30 | +esm-apps/jammy_gerbv: released (2.8.2-1ubuntu0.1~esm2) |
31 | lunar_gerbv: ignored (end of life, was needed) |
32 | -mantic_gerbv: needed |
33 | +mantic_gerbv: released (2.9.8-1ubuntu0.1) |
34 | noble_gerbv: not-affected (2.10.0-1) |
35 | esm-apps/noble_gerbv: not-affected (2.10.0-1) |
36 | devel_gerbv: not-affected (2.10.0-1) |
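Review bot: In the status block, jammy_gerbv is still `needed` while esm-apps/jammy_gerbv becomes `released (2.8.2-1ubuntu0.1~esm2)`, whereas focal goes the other way round (focal_gerbv released, esm-apps/focal_gerbv not-affected at the same 2.7.0-1ubuntu0.2). If the jammy fix is only published through esm-apps, a one-line entry under Notes saying so would stop the next triager from reading `jammy_gerbv: needed` as an oversight; if it was published to the archive as for focal and mantic, the jammy line should be updated in this commit too.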
37 | diff --git a/active/CVE-2023-45285 b/active/CVE-2023-45285 |
38 | deleted file mode 100644 |
39 | index 7ec2966..0000000 |
40 | --- a/active/CVE-2023-45285 |
41 | +++ /dev/null |
42 | @@ -1,61 +0,0 @@ |
43 | -PublicDateAtUSN: 2023-12-06 |
44 | -Candidate: CVE-2023-45285 |
45 | -PublicDate: 2023-12-06 17:15:00 UTC |
46 | -References: |
47 | - https://go.dev/issue/63845 |
48 | - https://github.com/golang/go/commit/23c943e5296c6fa3a6f9433bd929306c4dbf2aa3 (go1.21.5) |
49 | - https://github.com/golang/go/commit/46bc33819ac86a9596b8059235842f0e0c7469bd (go1.20.12) |
50 | - https://ubuntu.com/security/notices/USN-6574-1 |
51 | - https://www.cve.org/CVERecord?id=CVE-2023-45285 |
52 | -Description: |
53 | - Using go get to fetch a module with the ".git" suffix may unexpectedly |
54 | - fallback to the insecure "git://" protocol if the module is unavailable via |
55 | - the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not |
56 | - set for said module. This only affects users who are not using the module |
57 | - proxy and are fetching modules directly (i.e. GOPROXY=off). |
58 | -Ubuntu-Description: |
59 | -Notes: |
60 | -Mitigation: |
61 | -Bugs: |
62 | -Priority: medium |
63 | -Discovered-by: |
64 | -Assigned-to: |
65 | -CVSS: |
66 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [7.5 HIGH] |
67 | - |
68 | -Patches_golang-1.19: |
69 | -upstream_golang-1.19: needs-triage |
70 | -trusty_golang-1.19: ignored (end of standard support) |
71 | -xenial_golang-1.19: ignored (end of standard support) |
72 | -bionic_golang-1.19: ignored (end of standard support) |
73 | -focal_golang-1.19: DNE |
74 | -jammy_golang-1.19: DNE |
75 | -lunar_golang-1.19: ignored (end of life, was needs-triage) |
76 | -mantic_golang-1.19: DNE |
77 | -noble_golang-1.19: DNE |
78 | -devel_golang-1.19: DNE |
79 | - |
80 | -Patches_golang-1.20: |
81 | -upstream_golang-1.20: released (1.20.12-1) |
82 | -trusty_golang-1.20: ignored (end of standard support) |
83 | -xenial_golang-1.20: ignored (end of standard support) |
84 | -bionic_golang-1.20: ignored (end of standard support) |
85 | -focal_golang-1.20: released (1.20.3-1ubuntu0.1~20.04.1) |
86 | -jammy_golang-1.20: released (1.20.3-1ubuntu0.1~22.04.1) |
87 | -lunar_golang-1.20: released (1.20.3-1ubuntu0.2) |
88 | -mantic_golang-1.20: released (1.20.8-1ubuntu0.23.10.1) |
89 | -noble_golang-1.20: DNE |
90 | -devel_golang-1.20: DNE |
91 | - |
92 | -Patches_golang-1.21: |
93 | -upstream_golang-1.21: released (1.21.5-1) |
94 | -trusty_golang-1.21: ignored (end of standard support) |
95 | -xenial_golang-1.21: ignored (end of standard support) |
96 | -bionic_golang-1.21: ignored (end of standard support) |
97 | -focal_golang-1.21: released (1.21.1-1~ubuntu20.04.2) |
98 | -jammy_golang-1.21: released (1.21.1-1~ubuntu22.04.2) |
99 | -lunar_golang-1.21: released (1.21.1-1~ubuntu23.04.2) |
100 | -mantic_golang-1.21: released (1.21.1-1ubuntu0.23.10.1) |
101 | -noble_golang-1.21: not-affected (1.21.5-1) |
102 | -esm-apps/noble_golang-1.21: not-affected (1.21.5-1) |
103 | -devel_golang-1.21: not-affected (1.21.5-1) |
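Review bot: upstream_golang-1.19 is still `needs-triage` in a file that is being retired, and the Patches_golang-1.20 and Patches_golang-1.21 stanzas are empty even though References already lists the two fix commits tagged (go1.20.12) and (go1.21.5). Suggest moving those commit URLs to `upstream:` lines under the matching Patches_ stanza and settling the golang-1.19 upstream status before the move to retired/.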
104 | diff --git a/active/CVE-2023-46049 b/active/CVE-2023-46049 |
105 | deleted file mode 100644 |
106 | index 4194be4..0000000 |
107 | --- a/active/CVE-2023-46049 |
108 | +++ /dev/null |
109 | @@ -1,161 +0,0 @@ |
110 | -Candidate: CVE-2023-46049 |
111 | -PublicDate: 2024-03-27 06:15:00 UTC |
112 | -References: |
113 | - https://github.com/llvm/llvm-project/issues/67388 |
114 | - http://seclists.org/fulldisclosure/2024/Jan/66 |
115 | - https://llvm.org/docs/Security.html |
116 | - https://www.cve.org/CVERecord?id=CVE-2023-46049 |
117 | -Description: |
118 | - LLVM 15.0.0 has a NULL pointer dereference in the parseOneMetadata() |
119 | - function via a crafted pdflatex.fmt file (or perhaps a crafted .o file) to |
120 | - llvm-lto. NOTE: this is disputed because the relationship between |
121 | - pdflatex.fmt and any LLVM language front end is not explained, and because |
122 | - a crash of the llvm-lto application should be categorized as a usability |
123 | - problem. |
124 | -Ubuntu-Description: |
125 | -Notes: |
126 | - mdeslaur> Marking as not-affected as the CVE was disputed |
127 | -Mitigation: |
128 | -Bugs: |
129 | -Priority: medium |
130 | -Discovered-by: |
131 | -Assigned-to: |
132 | -CVSS: |
133 | - |
134 | -Patches_llvm-toolchain-3.5: |
135 | -upstream_llvm-toolchain-3.5: needs-triage |
136 | -esm-apps/xenial_llvm-toolchain-3.5: not-affected |
137 | -focal_llvm-toolchain-3.5: DNE |
138 | -jammy_llvm-toolchain-3.5: DNE |
139 | -mantic_llvm-toolchain-3.5: DNE |
140 | -noble_llvm-toolchain-3.5: DNE |
141 | -devel_llvm-toolchain-3.5: DNE |
142 | - |
143 | -Patches_llvm-toolchain-3.6: |
144 | -upstream_llvm-toolchain-3.6: needs-triage |
145 | -trusty/esm_llvm-toolchain-3.6: not-affected |
146 | -esm-infra/xenial_llvm-toolchain-3.6: not-affected |
147 | -focal_llvm-toolchain-3.6: DNE |
148 | -jammy_llvm-toolchain-3.6: DNE |
149 | -mantic_llvm-toolchain-3.6: DNE |
150 | -noble_llvm-toolchain-3.6: DNE |
151 | -devel_llvm-toolchain-3.6: DNE |
152 | - |
153 | -Patches_llvm-toolchain-3.7: |
154 | -upstream_llvm-toolchain-3.7: needs-triage |
155 | -esm-apps/xenial_llvm-toolchain-3.7: not-affected |
156 | -esm-apps/bionic_llvm-toolchain-3.7: not-affected |
157 | -focal_llvm-toolchain-3.7: DNE |
158 | -jammy_llvm-toolchain-3.7: DNE |
159 | -mantic_llvm-toolchain-3.7: DNE |
160 | -noble_llvm-toolchain-3.7: DNE |
161 | -devel_llvm-toolchain-3.7: DNE |
162 | - |
163 | -Patches_llvm-toolchain-3.8: |
164 | -upstream_llvm-toolchain-3.8: needs-triage |
165 | -trusty/esm_llvm-toolchain-3.8: not-affected |
166 | -esm-infra/xenial_llvm-toolchain-3.8: not-affected |
167 | -focal_llvm-toolchain-3.8: DNE |
168 | -jammy_llvm-toolchain-3.8: DNE |
169 | -mantic_llvm-toolchain-3.8: DNE |
170 | -noble_llvm-toolchain-3.8: DNE |
171 | -devel_llvm-toolchain-3.8: DNE |
172 | - |
173 | -Patches_llvm-toolchain-3.9: |
174 | -upstream_llvm-toolchain-3.9: needs-triage |
175 | -trusty/esm_llvm-toolchain-3.9: not-affected |
176 | -esm-apps/xenial_llvm-toolchain-3.9: not-affected |
177 | -esm-infra/bionic_llvm-toolchain-3.9: not-affected |
178 | -focal_llvm-toolchain-3.9: DNE |
179 | -jammy_llvm-toolchain-3.9: DNE |
180 | -mantic_llvm-toolchain-3.9: DNE |
181 | -noble_llvm-toolchain-3.9: DNE |
182 | -devel_llvm-toolchain-3.9: DNE |
183 | - |
184 | -Patches_llvm-toolchain-4.0: |
185 | -upstream_llvm-toolchain-4.0: needs-triage |
186 | -esm-infra/xenial_llvm-toolchain-4.0: not-affected |
187 | -esm-apps/bionic_llvm-toolchain-4.0: not-affected |
188 | -focal_llvm-toolchain-4.0: DNE |
189 | -jammy_llvm-toolchain-4.0: DNE |
190 | -mantic_llvm-toolchain-4.0: DNE |
191 | -noble_llvm-toolchain-4.0: DNE |
192 | -devel_llvm-toolchain-4.0: DNE |
193 | - |
194 | -Patches_llvm-toolchain-5.0: |
195 | -upstream_llvm-toolchain-5.0: needs-triage |
196 | -esm-infra/xenial_llvm-toolchain-5.0: not-affected |
197 | -esm-apps/bionic_llvm-toolchain-5.0: not-affected |
198 | -focal_llvm-toolchain-5.0: DNE |
199 | -jammy_llvm-toolchain-5.0: DNE |
200 | -mantic_llvm-toolchain-5.0: DNE |
201 | -noble_llvm-toolchain-5.0: DNE |
202 | -devel_llvm-toolchain-5.0: DNE |
203 | - |
204 | -Patches_llvm-toolchain-6.0: |
205 | -upstream_llvm-toolchain-6.0: needs-triage |
206 | -esm-infra/xenial_llvm-toolchain-6.0: not-affected |
207 | -esm-infra/bionic_llvm-toolchain-6.0: not-affected |
208 | -focal_llvm-toolchain-6.0: not-affected |
209 | -esm-apps/focal_llvm-toolchain-6.0: not-affected |
210 | -jammy_llvm-toolchain-6.0: DNE |
211 | -mantic_llvm-toolchain-6.0: DNE |
212 | -noble_llvm-toolchain-6.0: DNE |
213 | -devel_llvm-toolchain-6.0: DNE |
214 | - |
215 | -Patches_llvm-toolchain-7: |
216 | -upstream_llvm-toolchain-7: needs-triage |
217 | -esm-infra/bionic_llvm-toolchain-7: not-affected |
218 | -focal_llvm-toolchain-7: not-affected |
219 | -esm-apps/focal_llvm-toolchain-7: not-affected |
220 | -jammy_llvm-toolchain-7: DNE |
221 | -mantic_llvm-toolchain-7: DNE |
222 | -noble_llvm-toolchain-7: DNE |
223 | -devel_llvm-toolchain-7: DNE |
224 | - |
225 | -Patches_llvm-toolchain-8: |
226 | -upstream_llvm-toolchain-8: needs-triage |
227 | -esm-apps/xenial_llvm-toolchain-8: not-affected |
228 | -esm-infra/bionic_llvm-toolchain-8: not-affected |
229 | -focal_llvm-toolchain-8: not-affected |
230 | -esm-apps/focal_llvm-toolchain-8: not-affected |
231 | -jammy_llvm-toolchain-8: DNE |
232 | -mantic_llvm-toolchain-8: DNE |
233 | -noble_llvm-toolchain-8: DNE |
234 | -devel_llvm-toolchain-8: DNE |
235 | - |
236 | -Patches_llvm-toolchain-9: |
237 | -upstream_llvm-toolchain-9: needs-triage |
238 | -esm-infra/bionic_llvm-toolchain-9: not-affected |
239 | -focal_llvm-toolchain-9: not-affected |
240 | -jammy_llvm-toolchain-9: DNE |
241 | -mantic_llvm-toolchain-9: DNE |
242 | -noble_llvm-toolchain-9: DNE |
243 | -devel_llvm-toolchain-9: DNE |
244 | - |
245 | -Patches_llvm-toolchain-10: |
246 | -upstream_llvm-toolchain-10: not-affected |
247 | -esm-infra/bionic_llvm-toolchain-10: not-affected |
248 | -focal_llvm-toolchain-10: not-affected |
249 | -jammy_llvm-toolchain-10: DNE |
250 | -mantic_llvm-toolchain-10: DNE |
251 | -noble_llvm-toolchain-10: DNE |
252 | -devel_llvm-toolchain-10: DNE |
253 | - |
254 | -Patches_llvm-toolchain-11: |
255 | -upstream_llvm-toolchain-11: needs-triage |
256 | -focal_llvm-toolchain-11: not-affected |
257 | -jammy_llvm-toolchain-11: not-affected |
258 | -esm-apps/jammy_llvm-toolchain-11: not-affected |
259 | -mantic_llvm-toolchain-11: DNE |
260 | -noble_llvm-toolchain-11: DNE |
261 | -devel_llvm-toolchain-11: DNE |
262 | - |
263 | -Patches_llvm-toolchain-12: |
264 | -upstream_llvm-toolchain-12: needs-triage |
265 | -focal_llvm-toolchain-12: not-affected |
266 | -jammy_llvm-toolchain-12: not-affected |
267 | -esm-apps/jammy_llvm-toolchain-12: not-affected |
268 | -mantic_llvm-toolchain-12: DNE |
269 | -noble_llvm-toolchain-12: DNE |
270 | -devel_llvm-toolchain-12: DNE |
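Review bot: The Description names LLVM 15.0.0, but the package stanzas stop at llvm-toolchain-12, so the retired record carries no status for the toolchain version the CVE was filed against. Separately, upstream_llvm-toolchain-10 is `not-affected` while every other upstream_ line is `needs-triage`; since mdeslaur's note says the CVE is marked not-affected because it is disputed, the upstream lines should agree with each other, and a short note on why later llvm-toolchain packages are absent would help.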
271 | diff --git a/active/CVE-2023-46219 b/active/CVE-2023-46219 |
272 | deleted file mode 100644 |
273 | index a07858d..0000000 |
274 | --- a/active/CVE-2023-46219 |
275 | +++ /dev/null |
276 | @@ -1,39 +0,0 @@ |
277 | -PublicDateAtUSN: 2023-12-06 07:00:00 UTC |
278 | -Candidate: CVE-2023-46219 |
279 | -PublicDate: 2023-12-12 02:15:00 UTC |
280 | -CRD: 2023-12-06 07:00:00 UTC |
281 | -References: |
282 | - https://curl.se/docs/CVE-2023-46219.html |
283 | - https://ubuntu.com/security/notices/USN-6535-1 |
284 | - https://www.cve.org/CVERecord?id=CVE-2023-46219 |
285 | -Description: |
286 | - When saving HSTS data to an excessively long file name, curl could end up |
287 | - removing all contents, making subsequent requests using that file unaware |
288 | - of the HSTS status they should otherwise use. |
289 | -Ubuntu-Description: |
290 | -Notes: |
291 | - mdeslaur> introduced in 7.84.0 |
292 | -Mitigation: |
293 | -Bugs: |
294 | -Priority: low |
295 | - Upstream determined this is a low-priority issue |
296 | -Discovered-by: Maksymilian Arciemowicz |
297 | -Assigned-to: |
298 | -CVSS: |
299 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N [5.3 MEDIUM] |
300 | - |
301 | -Patches_curl: |
302 | - upstream: https://github.com/curl/curl/commit/73b65e94f3531179de45 |
303 | -upstream_curl: released (8.5.0) |
304 | -trusty_curl: ignored (end of standard support) |
305 | -trusty/esm_curl: not-affected |
306 | -xenial_curl: ignored (end of standard support) |
307 | -esm-infra/xenial_curl: not-affected |
308 | -bionic_curl: ignored (end of standard support) |
309 | -esm-infra/bionic_curl: not-affected |
310 | -focal_curl: not-affected (7.68.0-1ubuntu2.20) |
311 | -jammy_curl: not-affected (7.81.0-1ubuntu1.14) |
312 | -lunar_curl: released (7.88.1-8ubuntu2.4) |
313 | -mantic_curl: released (8.2.1-1ubuntu3.2) |
314 | -noble_curl: released (8.5.0-2ubuntu1) |
315 | -devel_curl: released (8.5.0-2ubuntu1) |
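Review bot: The `upstream:` line under Patches_curl links an abbreviated commit id (`73b65e94f3531179de45`), unlike the full 40-character ids used for upstream patch links elsewhere in this merge (for example the shadow commit in CVE-2023-4641). Abbreviated ids can become ambiguous as a repository grows; suggest replacing it with the full hash before the file is retired.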
316 | diff --git a/active/CVE-2023-46246 b/active/CVE-2023-46246 |
317 | deleted file mode 100644 |
318 | index ce5eb4d..0000000 |
319 | --- a/active/CVE-2023-46246 |
320 | +++ /dev/null |
321 | @@ -1,43 +0,0 @@ |
322 | -PublicDateAtUSN: 2023-10-27 19:15:00 UTC |
323 | -Candidate: CVE-2023-46246 |
324 | -PublicDate: 2023-10-27 19:15:00 UTC |
325 | -References: |
326 | - https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm |
327 | - https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a (v9.0.2068) |
328 | - https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a |
329 | - https://ubuntu.com/security/notices/USN-6557-1 |
330 | - https://www.cve.org/CVERecord?id=CVE-2023-46246 |
331 | -Description: |
332 | - Vim is an improved version of the good old UNIX editor Vi. |
333 | - Heap-use-after-free in memory allocated in the function `ga_grow_inner` in |
334 | - in the file `src/alloc.c` at line 748, which is freed in the file |
335 | - `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used |
336 | - again in `src/cmdhist.c` at line 759. When using the `:history` command, |
337 | - it's possible that the provided argument overflows the accepted value. |
338 | - Causing an Integer Overflow and potentially later an use-after-free. This |
339 | - vulnerability has been patched in version 9.0.2068. |
340 | - |
341 | -Ubuntu-Description: |
342 | -Notes: |
343 | -Mitigation: |
344 | -Bugs: |
345 | -Priority: medium |
346 | -Discovered-by: |
347 | -Assigned-to: fabian |
348 | -CVSS: |
349 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM] |
350 | - |
351 | -Patches_vim: |
352 | -upstream_vim: needs-triage |
353 | -trusty_vim: ignored (end of standard support) |
354 | -trusty/esm_vim: released (2:7.4.052-1ubuntu3.1+esm15) |
355 | -xenial_vim: ignored (end of standard support) |
356 | -esm-infra/xenial_vim: released (2:7.4.1689-3ubuntu1.5+esm22) |
357 | -bionic_vim: ignored (end of standard support) |
358 | -esm-infra/bionic_vim: released (2:8.0.1453-1ubuntu1.13+esm7) |
359 | -focal_vim: released (2:8.1.2269-1ubuntu5.21) |
360 | -jammy_vim: released (2:8.2.3995-1ubuntu2.15) |
361 | -lunar_vim: released (2:9.0.1000-4ubuntu3.3) |
362 | -mantic_vim: released (2:9.0.1672-1ubuntu2.2) |
363 | -noble_vim: not-affected (2:9.1.0-1ubuntu1) |
364 | -devel_vim: not-affected (2:9.1.0-1ubuntu1) |
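Review bot: upstream_vim is `needs-triage` although the Description states the issue is patched in 9.0.2068 and References links the fix commit tagged (v9.0.2068). The same commit URL also appears twice in References (once with the version tag, once without), and Patches_vim has no `upstream:` line. Suggest dropping the duplicate, recording the commit under Patches_vim, and setting upstream_vim to released with that version.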
365 | diff --git a/active/CVE-2023-4641 b/active/CVE-2023-4641 |
366 | deleted file mode 100644 |
367 | index 0abd3ae..0000000 |
368 | --- a/active/CVE-2023-4641 |
369 | +++ /dev/null |
370 | @@ -1,41 +0,0 @@ |
371 | -PublicDateAtUSN: 2023-12-27 16:15:00 UTC |
372 | -Candidate: CVE-2023-4641 |
373 | -PublicDate: 2023-12-27 16:15:00 UTC |
374 | -References: |
375 | - https://ubuntu.com/security/notices/USN-6640-1 |
376 | - https://www.cve.org/CVERecord?id=CVE-2023-4641 |
377 | -Description: |
378 | - A flaw was found in shadow-utils. When asking for a new password, |
379 | - shadow-utils asks the password twice. If the password fails on the second |
380 | - attempt, shadow-utils fails in cleaning the buffer used to store the first |
381 | - entry. This may allow an attacker with enough access to retrieve the |
382 | - password from the memory. |
383 | -Ubuntu-Description: |
384 | -Notes: |
385 | - alexmurray> Technically this doesn't seem able to be exploitable in practice |
386 | -Mitigation: |
387 | -Bugs: |
388 | - https://bugzilla.redhat.com/show_bug.cgi?id=2215945 |
389 | - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051062 |
390 | -Priority: low |
391 | - Unlikely attack scenario |
392 | -Discovered-by: |
393 | -Assigned-to: |
394 | -CVSS: |
395 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N [5.5 MEDIUM] |
396 | - |
397 | -Patches_shadow: |
398 | - upstream: https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904 |
399 | -upstream_shadow: released (1:4.13+dfsg1-2, 4.14.0) |
400 | -trusty_shadow: ignored (end of standard support) |
401 | -trusty/esm_shadow: released (1:4.1.5.1-1ubuntu9.5+esm4) |
402 | -xenial_shadow: ignored (end of standard support) |
403 | -esm-infra/xenial_shadow: released (1:4.2-3.1ubuntu5.5+esm4) |
404 | -bionic_shadow: ignored (end of standard support) |
405 | -esm-infra/bionic_shadow: released (1:4.5-1ubuntu2.5+esm1) |
406 | -focal_shadow: released (1:4.8.1-1ubuntu5.20.04.5) |
407 | -jammy_shadow: released (1:4.8.1-2ubuntu2.2) |
408 | -lunar_shadow: ignored (end of life, was needed) |
409 | -mantic_shadow: released (1:4.13+dfsg1-1ubuntu1.1) |
410 | -noble_shadow: not-affected (1:4.13+dfsg1-3ubuntu1) |
411 | -devel_shadow: not-affected (1:4.13+dfsg1-3ubuntu1) |
412 | diff --git a/active/CVE-2023-46751 b/active/CVE-2023-46751 |
413 | deleted file mode 100644 |
414 | index 86fee21..0000000 |
415 | --- a/active/CVE-2023-46751 |
416 | +++ /dev/null |
417 | @@ -1,38 +0,0 @@ |
418 | -PublicDateAtUSN: 2023-12-07 |
419 | -Candidate: CVE-2023-46751 |
420 | -PublicDate: 2023-12-06 20:15:00 UTC |
421 | -References: |
422 | - https://ubuntu.com/security/notices/USN-6551-1 |
423 | - https://www.cve.org/CVERecord?id=CVE-2023-46751 |
424 | -Description: |
425 | - An issue was discovered in the function gdev_prn_open_printer_seekable() in |
426 | - Artifex Ghostscript through 10.02.0 allows remote attackers to crash the |
427 | - application via a dangling pointer. |
428 | -Ubuntu-Description: |
429 | -Notes: |
430 | - mdeslaur> introduced by: |
431 | - mdeslaur> https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e1a3956f252404f07d93be47f7845b23e4a2c4de |
432 | -Mitigation: |
433 | -Bugs: |
434 | - https://bugs.ghostscript.com/show_bug.cgi?id=707264 (restricted) |
435 | -Priority: medium |
436 | -Discovered-by: |
437 | -Assigned-to: |
438 | -CVSS: |
439 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
440 | - |
441 | -Patches_ghostscript: |
442 | - upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=dcdbc595c13c9d11d235702dff46bb74c80f7698 |
443 | - upstream: https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5d2da96e81c7455338302c71a291088a8396245a (10.02.1) |
444 | -upstream_ghostscript: released (10.02.1~dfsg-1) |
445 | -trusty_ghostscript: ignored (end of standard support) |
446 | -xenial_ghostscript: ignored (end of standard support) |
447 | -esm-infra/xenial_ghostscript: not-affected |
448 | -bionic_ghostscript: ignored (end of standard support) |
449 | -esm-infra/bionic_ghostscript: not-affected |
450 | -focal_ghostscript: not-affected (9.50~dfsg-5ubuntu4.11) |
451 | -jammy_ghostscript: released (9.55.0~dfsg1-0ubuntu5.6) |
452 | -lunar_ghostscript: released (10.0.0~dfsg1-0ubuntu1.5) |
453 | -mantic_ghostscript: released (10.01.2~dfsg1-0ubuntu2.2) |
454 | -noble_ghostscript: released (10.02.1~dfsg1-0ubuntu1) |
455 | -devel_ghostscript: released (10.02.1~dfsg1-0ubuntu1) |
456 | diff --git a/active/CVE-2023-47470 b/active/CVE-2023-47470 |
457 | deleted file mode 100644 |
458 | index d2e2b5f..0000000 |
459 | --- a/active/CVE-2023-47470 |
460 | +++ /dev/null |
461 | @@ -1,39 +0,0 @@ |
462 | -Candidate: CVE-2023-47470 |
463 | -PublicDate: 2023-11-16 03:15:00 UTC |
464 | -References: |
465 | - https://patchwork.ffmpeg.org/project/ffmpeg/patch/20230915131147.5945-2-michael%40niedermayer.cc/ |
466 | - https://github.com/goldds96/Report/tree/main/FFmpeg |
467 | - https://github.com/FFmpeg/FFmpeg/commit/4565747056a11356210ed8edcecb920105e40b60 |
468 | - https://www.cve.org/CVERecord?id=CVE-2023-47470 |
469 | -Description: |
470 | - Buffer Overflow vulnerability in Ffmpeg before github commit |
471 | - 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to |
472 | - achieve an out-of-array write, execute arbitrary code, and cause a denial |
473 | - of service (DoS) via the ref_pic_list_struct function in |
474 | - libavcodec/evc_ps.c |
475 | -Ubuntu-Description: |
476 | -Notes: |
477 | -Mitigation: |
478 | -Bugs: |
479 | -Priority: medium |
480 | -Discovered-by: |
481 | -Assigned-to: |
482 | -CVSS: |
483 | - nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH] |
484 | - |
485 | -Patches_ffmpeg: |
486 | -upstream_ffmpeg: not-affected (debian: Vulnerable code not in any Debian released version) |
487 | -trusty_ffmpeg: ignored (end of standard support) |
488 | -xenial_ffmpeg: ignored (end of standard support) |
489 | -esm-apps/xenial_ffmpeg: not-affected (code not present) |
490 | -bionic_ffmpeg: ignored (end of standard support) |
491 | -esm-apps/bionic_ffmpeg: not-affected (code not present) |
492 | -focal_ffmpeg: not-affected (code not present) |
493 | -esm-apps/focal_ffmpeg: not-affected (code not present) |
494 | -jammy_ffmpeg: not-affected (code not present) |
495 | -esm-apps/jammy_ffmpeg: not-affected (code not present) |
496 | -lunar_ffmpeg: not-affected (code not present) |
497 | -mantic_ffmpeg: not-affected (code not present) |
498 | -noble_ffmpeg: not-affected (7:6.1-3ubuntu1) |
499 | -esm-apps/noble_ffmpeg: not-affected (7:6.1-3ubuntu1) |
500 | -devel_ffmpeg: not-affected (7:6.1-3ubuntu1) |
501 | diff --git a/active/CVE-2023-47471 b/active/CVE-2023-47471 |
502 | deleted file mode 100644 |
503 | index 7bfe0ec..0000000 |
504 | --- a/active/CVE-2023-47471 |
505 | +++ /dev/null |
506 | @@ -1,37 +0,0 @@ |
507 | -PublicDateAtUSN: 2023-11-16 04:15:00 UTC |
508 | -Candidate: CVE-2023-47471 |
509 | -PublicDate: 2023-11-16 04:15:00 UTC |
510 | -References: |
511 | - https://github.com/strukturag/libde265/issues/426 |
512 | - https://github.com/strukturag/libde265/commit/e36b4a1b0bafa53df47514c419d5be3e8916ebc7 |
513 | - https://ubuntu.com/security/notices/USN-6677-1 |
514 | - https://www.cve.org/CVERecord?id=CVE-2023-47471 |
515 | -Description: |
516 | - Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a |
517 | - local attacker to cause a denial of service via the slice_segment_header |
518 | - function in the slice.cc component. |
519 | -Ubuntu-Description: |
520 | -Notes: |
521 | -Mitigation: |
522 | -Bugs: |
523 | -Priority: medium |
524 | -Discovered-by: |
525 | -Assigned-to: fabian |
526 | -CVSS: |
527 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM] |
528 | - |
529 | -Patches_libde265: |
530 | -upstream_libde265: needs-triage |
531 | -trusty_libde265: ignored (end of standard support) |
532 | -xenial_libde265: ignored (end of standard support) |
533 | -esm-apps/xenial_libde265: released (1.0.2-2ubuntu0.16.04.1~esm4) |
534 | -bionic_libde265: ignored (end of standard support) |
535 | -esm-apps/bionic_libde265: released (1.0.2-2ubuntu0.18.04.1~esm4) |
536 | -focal_libde265: released (1.0.4-1ubuntu0.4) |
537 | -esm-apps/focal_libde265: not-affected (1.0.4-1ubuntu0.4) |
538 | -jammy_libde265: released (1.0.8-1ubuntu0.3) |
539 | -esm-apps/jammy_libde265: not-affected (1.0.8-1ubuntu0.3) |
540 | -lunar_libde265: ignored (end of life, was needs-triage) |
541 | -mantic_libde265: released (1.0.12-2ubuntu0.1) |
542 | -noble_libde265: not-affected |
543 | -devel_libde265: not-affected |
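Review bot: Patches_libde265 is empty and upstream_libde265 is `needs-triage`, yet References already carries the upstream fix commit (e36b4a1b0bafa53df47514c419d5be3e8916ebc7) and the supported releases are marked released. Suggest adding that commit as an `upstream:` line under Patches_libde265 and resolving the upstream status; noble_libde265 and devel_libde265 are also `not-affected` with no version or reason, unlike the focal and jammy esm-apps lines.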
544 | diff --git a/active/CVE-2023-48426 b/active/CVE-2023-48426 |
545 | deleted file mode 100644 |
546 | index aac98e3..0000000 |
547 | --- a/active/CVE-2023-48426 |
548 | +++ /dev/null |
549 | @@ -1,38 +0,0 @@ |
550 | -Candidate: CVE-2023-48426 |
551 | -PublicDate: 2024-04-05 16:15:00 UTC |
552 | -References: |
553 | - https://source.android.com/docs/security/bulletin/chromecast/2023-12-01 |
554 | - https://www.cve.org/CVERecord?id=CVE-2023-48426 |
555 | -Description: |
556 | - u-boot bug that allows for u-boot shell and interrupt over UART |
557 | - |
558 | -Ubuntu-Description: |
559 | -Notes: |
560 | - mdeslaur> This is a chromecast issue, likely doesn't affected u-boot in |
561 | - mdeslaur> Ubuntu. Marking as not-affected. |
562 | -Mitigation: |
563 | -Bugs: |
564 | -Priority: medium |
565 | -Discovered-by: |
566 | -Assigned-to: |
567 | -CVSS: |
568 | - |
569 | -Patches_u-boot: |
570 | -upstream_u-boot: needs-triage |
571 | -esm-infra/xenial_u-boot: not-affected |
572 | -esm-infra/bionic_u-boot: not-affected |
573 | -focal_u-boot: not-affected |
574 | -jammy_u-boot: not-affected |
575 | -mantic_u-boot: not-affected |
576 | -noble_u-boot: not-affected |
577 | -devel_u-boot: not-affected |
578 | - |
579 | -Patches_u-boot-nezha: |
580 | -upstream_u-boot-nezha: needs-triage |
581 | -focal_u-boot-nezha: DNE |
582 | -jammy_u-boot-nezha: not-affected |
583 | -esm-apps/jammy_u-boot-nezha: not-affected |
584 | -mantic_u-boot-nezha: not-affected |
585 | -noble_u-boot-nezha: not-affected |
586 | -esm-apps/noble_u-boot-nezha: not-affected |
587 | -devel_u-boot-nezha: not-affected |
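Review bot: Every release line for u-boot and u-boot-nezha is a bare `not-affected`, and the only rationale is mdeslaur's note, which is hedged ("likely"). Suggest putting the applicable reason in the status itself, in the parenthesised form other files in this merge use (for example `not-affected (code not present)` in CVE-2023-47470), so the justification is visible per release; upstream_u-boot and upstream_u-boot-nezha are also still `needs-triage`.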
588 | diff --git a/active/CVE-2023-4863 b/active/CVE-2023-4863 |
589 | deleted file mode 100644 |
590 | index b0d0d4d..0000000 |
591 | --- a/active/CVE-2023-4863 |
592 | +++ /dev/null |
593 | @@ -1,97 +0,0 @@ |
594 | -PublicDateAtUSN: 2023-09-12 15:15:00 UTC |
595 | -Candidate: CVE-2023-4863 |
596 | -PublicDate: 2023-09-12 15:15:00 UTC |
597 | -References: |
598 | - https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html |
599 | - https://chromium.googlesource.com/webm/libwebp.git/+/902bc9190331343b2017211debcec8d2ab87e17a |
600 | - https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ |
601 | - https://ubuntu.com/security/notices/USN-6367-1 |
602 | - https://ubuntu.com/security/notices/USN-6368-1 |
603 | - https://ubuntu.com/security/notices/USN-6369-1 |
604 | - https://blog.isosceles.com/the-webp-0day/ |
605 | - https://ubuntu.com/security/notices/USN-6369-2 |
606 | - https://www.cve.org/CVERecord?id=CVE-2023-4863 |
607 | -Description: |
608 | - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 |
609 | - and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds |
610 | - memory write via a crafted HTML page. (Chromium security severity: |
611 | - Critical) |
612 | -Ubuntu-Description: |
613 | -Notes: |
614 | - alexmurray> The Debian chromium source package is called chromium-browser |
615 | - alexmurray> in Ubuntu |
616 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
617 | - mdeslaur> a script that installs the Chromium snap |
618 | - rodrigo-zaiden> in libwebp source, it seems like the affected versions |
619 | - starts from 0.5.0, with a high probability that the commit f75dfbf2 is |
620 | - the one adding the issue. I can be wrong in my assumption but, at least, |
621 | - the reproducer available in the the-webp-0day blog post, reproduces in |
622 | - 0.5.0 but not in 0.4.4, and the buffer huffman_tables was added in the |
623 | - mentioned commit. |
624 | - rodrigo-zaiden> in Ubuntu, libwebp versions earlier than 0.5.0 does not |
625 | - contain the affected code, hence are probably not affected. |
626 | -Mitigation: |
627 | -Bugs: |
628 | - https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/2035220 |
629 | - https://bugs.chromium.org/p/chromium/issues/detail?id=1479274 |
630 | -Priority: medium |
631 | -Discovered-by: |
632 | -Assigned-to: |
633 | -CVSS: |
634 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
635 | - |
636 | -Patches_chromium-browser: |
637 | -upstream_chromium-browser: released |
638 | -trusty_chromium-browser: ignored (end of standard support) |
639 | -xenial_chromium-browser: ignored (end of standard support) |
640 | -bionic_chromium-browser: ignored (end of standard support) |
641 | -focal_chromium-browser: not-affected (code not present) |
642 | -jammy_chromium-browser: not-affected (code not present) |
643 | -lunar_chromium-browser: not-affected (code not present) |
644 | -mantic_chromium-browser: not-affected (code not present) |
645 | -noble_chromium-browser: not-affected (code not present) |
646 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
647 | -devel_chromium-browser: not-affected (code not present) |
648 | - |
649 | -Patches_libwebp: |
650 | - upstream: https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a (main) |
651 | - upstream: https://github.com/webmproject/libwebp/commit/8bacd63a6de1cc091f85a1692390401e7bbf55ac (1.2.4) |
652 | - upstream: https://github.com/webmproject/libwebp/commit/801d2be12dba966233c21f850490203eb1acf014 (1.2.2) |
653 | -upstream_libwebp: needs-triage |
654 | -trusty_libwebp: ignored (end of standard support) |
655 | -trusty/esm_libwebp: not-affected (code not present) |
656 | -xenial_libwebp: ignored (end of standard support) |
657 | -esm-infra/xenial_libwebp: not-affected (code not present) |
658 | -bionic_libwebp: ignored (end of standard support) |
659 | -esm-infra/bionic_libwebp: released (0.6.1-2ubuntu0.18.04.2+esm1) |
660 | -focal_libwebp: released (0.6.1-2ubuntu0.20.04.3) |
661 | -jammy_libwebp: released (1.2.2-2ubuntu0.22.04.2) |
662 | -lunar_libwebp: released (1.2.4-0.1ubuntu0.23.04.2) |
663 | -mantic_libwebp: released (1.2.4-0.2ubuntu1) |
664 | -noble_libwebp: released (1.2.4-0.2ubuntu1) |
665 | -devel_libwebp: released (1.2.4-0.2ubuntu1) |
666 | - |
667 | -Patches_firefox: |
668 | -upstream_firefox: released (117.0.1) |
669 | -trusty_firefox: ignored (end of standard support) |
670 | -xenial_firefox: ignored (end of standard support) |
671 | -bionic_firefox: ignored (end of standard support) |
672 | -focal_firefox: released (117.0.1+build2-0ubuntu0.20.04.1) |
673 | -jammy_firefox: not-affected (code not present) |
674 | -lunar_firefox: not-affected (code not present) |
675 | -mantic_firefox: not-affected (code not present) |
676 | -noble_firefox: not-affected (code not present) |
677 | -devel_firefox: not-affected (code not present) |
678 | - |
679 | -Patches_thunderbird: |
680 | -upstream_thunderbird: released (115.2.2) |
681 | -trusty_thunderbird: ignored (end of standard support) |
682 | -xenial_thunderbird: ignored (end of standard support) |
683 | -bionic_thunderbird: ignored (end of standard support) |
684 | -focal_thunderbird: released (1:102.15.1+build1-0ubuntu0.20.04.1) |
685 | -jammy_thunderbird: released (1:102.15.1+build1-0ubuntu0.22.04.1) |
686 | -lunar_thunderbird: released (1:102.15.1+build1-0ubuntu0.23.04.1) |
687 | -mantic_thunderbird: released (1:115.2.3+build1-0ubuntu1) |
688 | -noble_thunderbird: released (1:115.2.3+build1-0ubuntu1) |
689 | -devel_thunderbird: released (1:115.2.3+build1-0ubuntu1) |
690 | - |
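Review bot: `upstream_libwebp: needs-triage` contradicts the `Patches_libwebp` block directly above it, which lists three upstream fix commits, and every supported release below is already `released`; it should be set to `released` before the file is retired. Separately, `Priority: medium` has no reason text even though the Description quotes "Chromium security severity: Critical" and the NVD score is 8.8 HIGH. A one-line justification under Priority would make the rating auditable.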
691 | diff --git a/active/CVE-2023-48706 b/active/CVE-2023-48706 |
692 | deleted file mode 100644 |
693 | index 2c45f27..0000000 |
694 | --- a/active/CVE-2023-48706 |
695 | +++ /dev/null |
696 | @@ -1,45 +0,0 @@ |
697 | -PublicDateAtUSN: 2023-11-22 22:15:00 UTC |
698 | -Candidate: CVE-2023-48706 |
699 | -PublicDate: 2023-11-22 22:15:00 UTC |
700 | -References: |
701 | - https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q |
702 | - https://github.com/vim/vim/pull/13552 |
703 | - https://github.com/gandalf4a/crash_report/blob/main/vim/vim_huaf |
704 | - http://www.openwall.com/lists/oss-security/2023/11/22/3 |
705 | - https://ubuntu.com/security/notices/USN-6557-1 |
706 | - https://www.cve.org/CVERecord?id=CVE-2023-48706 |
707 | -Description: |
708 | - Vim is a UNIX editor that, prior to version 9.0.2121, has a |
709 | - heap-use-after-free vulnerability. When executing a `:s` command for the |
710 | - very first time and using a sub-replace-special atom inside the |
711 | - substitution part, it is possible that the recursive `:s` call causes |
712 | - free-ing of memory which may later then be accessed by the initial `:s` |
713 | - command. The user must intentionally execute the payload and the whole |
714 | - process is a bit tricky to do since it seems to work only reliably for the |
715 | - very first :s command. It may also cause a crash of Vim. Version 9.0.2121 |
716 | - contains a fix for this issue. |
717 | -Ubuntu-Description: |
718 | -Notes: |
719 | -Mitigation: |
720 | -Bugs: |
721 | -Priority: medium |
722 | -Discovered-by: |
723 | -Assigned-to: fabian |
724 | -CVSS: |
725 | - nvd: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H [4.7 MEDIUM] |
726 | - |
727 | -Patches_vim: |
728 | - upstream: https://github.com/vim/vim/commit/26c11c56888d01e298cd8044caf860f3c26f57bb |
729 | -upstream_vim: released (9.0.2121) |
730 | -trusty_vim: ignored (end of standard support) |
731 | -trusty/esm_vim: not-affected (code not present) |
732 | -xenial_vim: ignored (end of standard support) |
733 | -esm-infra/xenial_vim: not-affected (code not present) |
734 | -bionic_vim: ignored (end of standard support) |
735 | -esm-infra/bionic_vim: not-affected (code not present) |
736 | -focal_vim: not-affected (code not present) |
737 | -jammy_vim: released (2:8.2.3995-1ubuntu2.15) |
738 | -lunar_vim: released (2:9.0.1000-4ubuntu3.3) |
739 | -mantic_vim: released (2:9.0.1672-1ubuntu2.2) |
740 | -noble_vim: released (2:9.0.2116-1ubuntu2) |
741 | -devel_vim: released (2:9.0.2116-1ubuntu2) |
742 | diff --git a/active/CVE-2023-4911 b/active/CVE-2023-4911 |
743 | deleted file mode 100644 |
744 | index 2079008..0000000 |
745 | --- a/active/CVE-2023-4911 |
746 | +++ /dev/null |
747 | @@ -1,54 +0,0 @@ |
748 | -PublicDateAtUSN: 2023-10-03 17:00:00 UTC |
749 | -Candidate: CVE-2023-4911 |
750 | -PublicDate: 2023-10-03 18:15:00 UTC |
751 | -CRD: 2023-10-03 17:00:00 UTC |
752 | -References: |
753 | - https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt |
754 | - https://ubuntu.com/security/notices/USN-6409-1 |
755 | - https://www.cve.org/CVERecord?id=CVE-2023-4911 |
756 | -Description: |
757 | - A buffer overflow was discovered in the GNU C Library's dynamic loader |
758 | - ld.so while processing the GLIBC_TUNABLES environment variable. This issue |
759 | - could allow a local attacker to use maliciously crafted GLIBC_TUNABLES |
760 | - environment variables when launching binaries with SUID permission to |
761 | - execute code with elevated privileges. |
762 | -Ubuntu-Description: |
763 | -Notes: |
764 | - alexmurray> Upstream advisory states this was introduced in April 2021 |
765 | - (glibc 2.34) by commit 2ed18c5b534d9e92fc006202a5af0df6b72e7aca |
766 | -Mitigation: |
767 | -Bugs: |
768 | -Priority: high |
769 | - Local privilege escalation in a package that is installed on all Ubuntu |
770 | - instances. |
771 | -Discovered-by: Qualys |
772 | -Assigned-to: |
773 | -CVSS: |
774 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH] |
775 | - |
776 | -Patches_glibc: |
777 | -upstream_glibc: needs-triage |
778 | -trusty_glibc: ignored (end of standard support) |
779 | -xenial_glibc: ignored (end of standard support) |
780 | -esm-infra/xenial_glibc: not-affected (code not present) |
781 | -bionic_glibc: ignored (end of standard support) |
782 | -esm-infra/bionic_glibc: not-affected (code not present) |
783 | -focal_glibc: not-affected (code not present) |
784 | -jammy_glibc: released (2.35-0ubuntu3.4) |
785 | -lunar_glibc: released (2.37-0ubuntu2.1) |
786 | -mantic_glibc: released (2.38-1ubuntu6) |
787 | -noble_glibc: released (2.38-1ubuntu6) |
788 | -devel_glibc: released (2.38-1ubuntu6) |
789 | - |
790 | -Patches_eglibc: |
791 | -upstream_eglibc: needs-triage |
792 | -trusty_eglibc: ignored (end of standard support) |
793 | -trusty/esm_eglibc: not-affected (code not present) |
794 | -xenial_eglibc: DNE |
795 | -bionic_eglibc: DNE |
796 | -focal_eglibc: DNE |
797 | -jammy_eglibc: DNE |
798 | -lunar_eglibc: DNE |
799 | -mantic_eglibc: DNE |
800 | -noble_eglibc: DNE |
801 | -devel_eglibc: DNE |
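Review bot: `Patches_glibc:` is empty and `upstream_glibc` is still `needs-triage`, although jammy through devel are `released` and the Notes already name the introducing commit 2ed18c5b534d9e92fc006202a5af0df6b72e7aca. Please add the upstream fix reference to `Patches_glibc` and resolve the upstream status so the retired record shows both where the bug was introduced and where it was fixed.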
802 | diff --git a/active/CVE-2023-49355 b/active/CVE-2023-49355 |
803 | deleted file mode 100644 |
804 | index 324018e..0000000 |
805 | --- a/active/CVE-2023-49355 |
806 | +++ /dev/null |
807 | @@ -1,39 +0,0 @@ |
808 | -Candidate: CVE-2023-49355 |
809 | -PublicDate: 2023-12-11 07:15:00 UTC |
810 | -References: |
811 | - https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md |
812 | - https://github.com/jqlang/jq/tree/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa |
813 | - https://github.com/jqlang/jq/blob/88f01a741c8d63c4d1b5bc3ef61520c6eb93edaa/src/decNumber/decNumber.c#L3764 |
814 | - https://www.cve.org/CVERecord?id=CVE-2023-49355 |
815 | -Description: |
816 | - decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte |
817 | - out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not |
818 | - the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions |
819 | - -10E-1000010001, which is not in normalized scientific notation. |
820 | -Ubuntu-Description: |
821 | -Notes: |
822 | - fabian> Its a duplicate of CVE-2023-50246 according to |
823 | - https://github.com/jqlang/jq/issues/2986. |
824 | -Mitigation: |
825 | -Bugs: |
826 | -Priority: medium |
827 | -Discovered-by: |
828 | -Assigned-to: |
829 | -CVSS: |
830 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
831 | - |
832 | -Patches_jq: |
833 | -upstream_jq: released (1.7.1-1) |
834 | -trusty_jq: ignored (end of standard support) |
835 | -trusty/esm_jq: not-affected (code not present) |
836 | -xenial_jq: ignored (end of standard support) |
837 | -esm-apps/xenial_jq: not-affected (code not present) |
838 | -bionic_jq: ignored (end of standard support) |
839 | -esm-apps/bionic_jq: not-affected (code not present) |
840 | -focal_jq: not-affected (code not present) |
841 | -esm-apps/focal_jq: not-affected (code not present) |
842 | -jammy_jq: not-affected (code not present) |
843 | -lunar_jq: not-affected (code not present) |
844 | -mantic_jq: not-affected (code not present) |
845 | -noble_jq: not-affected (1.7.1-2) |
846 | -devel_jq: not-affected (1.7.1-2) |
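Review bot: The Notes line from fabian calls this a duplicate of CVE-2023-50246, while the Description states "this is not the same as CVE-2023-50246". The entry should say which view the status lines follow and why, since the two CVEs also carry different NVD vectors in this diff (AV:N here, AV:L for CVE-2023-50246). `Patches_jq` has no upstream commit either, so the `released (1.7.1-1)` upstream status cannot be traced to a fix from this file alone.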
847 | diff --git a/active/CVE-2023-49465 b/active/CVE-2023-49465 |
848 | deleted file mode 100644 |
849 | index 88c6dd9..0000000 |
850 | --- a/active/CVE-2023-49465 |
851 | +++ /dev/null |
852 | @@ -1,36 +0,0 @@ |
853 | -PublicDateAtUSN: 2023-12-07 20:15:00 UTC |
854 | -Candidate: CVE-2023-49465 |
855 | -PublicDate: 2023-12-07 20:15:00 UTC |
856 | -References: |
857 | - https://github.com/strukturag/libde265/issues/435 |
858 | - https://ubuntu.com/security/notices/USN-6677-1 |
859 | - https://www.cve.org/CVERecord?id=CVE-2023-49465 |
860 | -Description: |
861 | - Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow |
862 | - vulnerability in the derive_spatial_luma_vector_prediction function at |
863 | - motion.cc. |
864 | -Ubuntu-Description: |
865 | -Notes: |
866 | -Mitigation: |
867 | -Bugs: |
868 | -Priority: medium |
869 | -Discovered-by: |
870 | -Assigned-to: fabian |
871 | -CVSS: |
872 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
873 | - |
874 | -Patches_libde265: |
875 | -upstream_libde265: needs-triage |
876 | -trusty_libde265: ignored (end of standard support) |
877 | -xenial_libde265: ignored (end of standard support) |
878 | -esm-apps/xenial_libde265: released (1.0.2-2ubuntu0.16.04.1~esm4) |
879 | -bionic_libde265: ignored (end of standard support) |
880 | -esm-apps/bionic_libde265: released (1.0.2-2ubuntu0.18.04.1~esm4) |
881 | -focal_libde265: released (1.0.4-1ubuntu0.4) |
882 | -esm-apps/focal_libde265: not-affected (1.0.4-1ubuntu0.4) |
883 | -jammy_libde265: released (1.0.8-1ubuntu0.3) |
884 | -esm-apps/jammy_libde265: not-affected (1.0.8-1ubuntu0.3) |
885 | -lunar_libde265: ignored (end of life, was needs-triage) |
886 | -mantic_libde265: released (1.0.12-2ubuntu0.1) |
887 | -noble_libde265: not-affected |
888 | -devel_libde265: not-affected |
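Review bot: `noble_libde265: not-affected` and `devel_libde265: not-affected` give neither a version nor a reason, while every other supported release in this block records the fixed version and the Description names v1.0.14 as affected. Please add the version or reason that makes noble and devel unaffected, and resolve `upstream_libde265: needs-triage`. The CVE-2023-49467 and CVE-2023-49468 entries in this diff have the same gaps.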
889 | diff --git a/active/CVE-2023-49467 b/active/CVE-2023-49467 |
890 | deleted file mode 100644 |
891 | index 7f7cb91..0000000 |
892 | --- a/active/CVE-2023-49467 |
893 | +++ /dev/null |
894 | @@ -1,36 +0,0 @@ |
895 | -PublicDateAtUSN: 2023-12-07 20:15:00 UTC |
896 | -Candidate: CVE-2023-49467 |
897 | -PublicDate: 2023-12-07 20:15:00 UTC |
898 | -References: |
899 | - https://github.com/strukturag/libde265/issues/434 |
900 | - https://ubuntu.com/security/notices/USN-6677-1 |
901 | - https://www.cve.org/CVERecord?id=CVE-2023-49467 |
902 | -Description: |
903 | - Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow |
904 | - vulnerability in the derive_combined_bipredictive_merging_candidates |
905 | - function at motion.cc. |
906 | -Ubuntu-Description: |
907 | -Notes: |
908 | -Mitigation: |
909 | -Bugs: |
910 | -Priority: medium |
911 | -Discovered-by: |
912 | -Assigned-to: fabian |
913 | -CVSS: |
914 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
915 | - |
916 | -Patches_libde265: |
917 | -upstream_libde265: needs-triage |
918 | -trusty_libde265: ignored (end of standard support) |
919 | -xenial_libde265: ignored (end of standard support) |
920 | -esm-apps/xenial_libde265: released (1.0.2-2ubuntu0.16.04.1~esm4) |
921 | -bionic_libde265: ignored (end of standard support) |
922 | -esm-apps/bionic_libde265: released (1.0.2-2ubuntu0.18.04.1~esm4) |
923 | -focal_libde265: released (1.0.4-1ubuntu0.4) |
924 | -esm-apps/focal_libde265: not-affected (1.0.4-1ubuntu0.4) |
925 | -jammy_libde265: released (1.0.8-1ubuntu0.3) |
926 | -esm-apps/jammy_libde265: not-affected (1.0.8-1ubuntu0.3) |
927 | -lunar_libde265: ignored (end of life, was needs-triage) |
928 | -mantic_libde265: released (1.0.12-2ubuntu0.1) |
929 | -noble_libde265: not-affected |
930 | -devel_libde265: not-affected |
931 | diff --git a/active/CVE-2023-49468 b/active/CVE-2023-49468 |
932 | deleted file mode 100644 |
933 | index 160b32a..0000000 |
934 | --- a/active/CVE-2023-49468 |
935 | +++ /dev/null |
936 | @@ -1,35 +0,0 @@ |
937 | -PublicDateAtUSN: 2023-12-07 20:15:00 UTC |
938 | -Candidate: CVE-2023-49468 |
939 | -PublicDate: 2023-12-07 20:15:00 UTC |
940 | -References: |
941 | - https://github.com/strukturag/libde265/issues/432 |
942 | - https://ubuntu.com/security/notices/USN-6677-1 |
943 | - https://www.cve.org/CVERecord?id=CVE-2023-49468 |
944 | -Description: |
945 | - Libde265 v1.0.14 was discovered to contain a global buffer overflow |
946 | - vulnerability in the read_coding_unit function at slice.cc. |
947 | -Ubuntu-Description: |
948 | -Notes: |
949 | -Mitigation: |
950 | -Bugs: |
951 | -Priority: medium |
952 | -Discovered-by: |
953 | -Assigned-to: fabian |
954 | -CVSS: |
955 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
956 | - |
957 | -Patches_libde265: |
958 | -upstream_libde265: needs-triage |
959 | -trusty_libde265: ignored (end of standard support) |
960 | -xenial_libde265: ignored (end of standard support) |
961 | -esm-apps/xenial_libde265: released (1.0.2-2ubuntu0.16.04.1~esm4) |
962 | -bionic_libde265: ignored (end of standard support) |
963 | -esm-apps/bionic_libde265: released (1.0.2-2ubuntu0.18.04.1~esm4) |
964 | -focal_libde265: released (1.0.4-1ubuntu0.4) |
965 | -esm-apps/focal_libde265: not-affected (1.0.4-1ubuntu0.4) |
966 | -jammy_libde265: released (1.0.8-1ubuntu0.3) |
967 | -esm-apps/jammy_libde265: not-affected (1.0.8-1ubuntu0.3) |
968 | -lunar_libde265: ignored (end of life, was needs-triage) |
969 | -mantic_libde265: released (1.0.12-2ubuntu0.1) |
970 | -noble_libde265: not-affected |
971 | -devel_libde265: not-affected |
972 | diff --git a/active/CVE-2023-4949 b/active/CVE-2023-4949 |
973 | deleted file mode 100644 |
974 | index f811f47..0000000 |
975 | --- a/active/CVE-2023-4949 |
976 | +++ /dev/null |
977 | @@ -1,34 +0,0 @@ |
978 | -Candidate: CVE-2023-4949 |
979 | -PublicDate: 2023-11-10 17:15:00 UTC |
980 | -References: |
981 | - https://xenbits.xenproject.org/xsa/advisory-443.html |
982 | - https://www.cve.org/CVERecord?id=CVE-2023-4949 |
983 | -Description: |
984 | - An attacker with local access to a system (either through a disk or |
985 | - external drive) can present a modified XFS partition to grub-legacy in such |
986 | - a way to exploit a memory corruption in grub’s XFS file system |
987 | - implementation. |
988 | -Ubuntu-Description: |
989 | -Notes: |
990 | - eslerm> does not impact secure boot |
991 | -Mitigation: |
992 | -Bugs: |
993 | -Priority: medium |
994 | -Discovered-by: |
995 | -Assigned-to: |
996 | -CVSS: |
997 | - nvd: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H [6.7 MEDIUM] |
998 | - |
999 | -Patches_grub: |
1000 | -upstream_grub: needs-triage |
1001 | -trusty_grub: ignored (end of standard support) |
1002 | -trusty/esm_grub: not-affected (does not affect Secure Boot) |
1003 | -xenial_grub: ignored (end of standard support) |
1004 | -esm-infra/xenial_grub: not-affected (does not affect Secure Boot) |
1005 | -bionic_grub: ignored (end of standard support) |
1006 | -focal_grub: DNE |
1007 | -jammy_grub: DNE |
1008 | -lunar_grub: DNE |
1009 | -mantic_grub: DNE |
1010 | -noble_grub: DNE |
1011 | -devel_grub: DNE |
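Review bot: `not-affected (does not affect Secure Boot)` on trusty/esm and esm-infra/xenial gives a scope statement rather than a reason the package is unaffected. The Description is a memory corruption in the XFS implementation of grub-legacy reachable with local access, and nothing here says the code is absent. If the intent is to decline a fix, `ignored` with that reason would describe it more accurately. There is also no `esm-infra/bionic_grub` line, although `bionic_grub` is `ignored (end of standard support)` and the trusty and xenial ESM pockets are tracked.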
1012 | diff --git a/active/CVE-2023-49721 b/active/CVE-2023-49721 |
1013 | deleted file mode 100644 |
1014 | index d8a4843..0000000 |
1015 | --- a/active/CVE-2023-49721 |
1016 | +++ /dev/null |
1017 | @@ -1,35 +0,0 @@ |
1018 | -Candidate: CVE-2023-49721 |
1019 | -PublicDate: 2024-02-14 22:15:00 UTC |
1020 | -CRD: 2024-02-14 |
1021 | -References: |
1022 | - https://www.openwall.com/lists/oss-security/2024/02/14/4 |
1023 | - https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 |
1024 | - https://www.cve.org/CVERecord?id=CVE-2023-49721 |
1025 | -Description: |
1026 | - An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. |
1027 | - This allows an OS-resident attacker to bypass Secure Boot. |
1028 | -Ubuntu-Description: |
1029 | -Notes: |
1030 | -Mitigation: |
1031 | -Bugs: |
1032 | - https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139 |
1033 | -Priority: medium |
1034 | -Discovered-by: Mate Kukri |
1035 | -Assigned-to: |
1036 | -CVSS: |
1037 | - ubuntu: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H [6.7 MEDIUM] |
1038 | - |
1039 | -Patches_lxd: |
1040 | -upstream_lxd: needs-triage |
1041 | -trusty_lxd: ignored (end of standard support) |
1042 | -xenial_lxd: ignored (end of standard support) |
1043 | -esm-infra/xenial_lxd: not-affected (code not present) |
1044 | -bionic_lxd: ignored (end of standard support) |
1045 | -esm-infra/bionic_lxd: not-affected (code not present) |
1046 | -focal_lxd: not-affected (code not present) |
1047 | -esm-apps/focal_lxd: not-affected (code not present) |
1048 | -jammy_lxd: DNE |
1049 | -lunar_lxd: DNE |
1050 | -mantic_lxd: DNE |
1051 | -noble_lxd: DNE |
1052 | -devel_lxd: DNE |
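Review bot: Only `Patches_lxd` is tracked, yet the first Launchpad reference is filed against the edk2 source package (`+source/edk2/+bug/2040137`) and the Description locates the insecure default in EDK2. Either add an edk2 package section or state in Notes why edk2 is out of scope. As written, every release is `not-affected (code not present)`, `ignored` or `DNE`, so the retired record does not show where the issue existed or was fixed.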
1053 | diff --git a/active/CVE-2023-50246 b/active/CVE-2023-50246 |
1054 | deleted file mode 100644 |
1055 | index 25e4a32..0000000 |
1056 | --- a/active/CVE-2023-50246 |
1057 | +++ /dev/null |
1058 | @@ -1,35 +0,0 @@ |
1059 | -Candidate: CVE-2023-50246 |
1060 | -PublicDate: 2023-12-13 21:15:00 UTC |
1061 | -References: |
1062 | - https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc |
1063 | - https://github.com/jqlang/jq/commit/71c2ab509a8628dbbad4bc7b3f98a64aa90d3297 |
1064 | - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64574 |
1065 | - https://www.cve.org/CVERecord?id=CVE-2023-50246 |
1066 | -Description: |
1067 | - jq is a command-line JSON processor. Version 1.7 is vulnerable to |
1068 | - heap-based buffer overflow. Version 1.7.1 contains a patch for this issue. |
1069 | -Ubuntu-Description: |
1070 | -Notes: |
1071 | -Mitigation: |
1072 | -Bugs: |
1073 | -Priority: medium |
1074 | -Discovered-by: |
1075 | -Assigned-to: |
1076 | -CVSS: |
1077 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM] |
1078 | - |
1079 | -Patches_jq: |
1080 | -upstream_jq: released (1.7.1-1) |
1081 | -trusty_jq: ignored (end of standard support) |
1082 | -trusty/esm_jq: not-affected (code not present) |
1083 | -xenial_jq: ignored (end of standard support) |
1084 | -esm-apps/xenial_jq: not-affected (code not present) |
1085 | -bionic_jq: ignored (end of standard support) |
1086 | -esm-apps/bionic_jq: not-affected (code not present) |
1087 | -focal_jq: not-affected (code not present) |
1088 | -esm-apps/focal_jq: not-affected (code not present) |
1089 | -jammy_jq: not-affected (code not present) |
1090 | -lunar_jq: not-affected (code not present) |
1091 | -mantic_jq: not-affected (code not present) |
1092 | -noble_jq: not-affected (1.7.1-2) |
1093 | -devel_jq: not-affected (1.7.1-2) |
1094 | diff --git a/active/CVE-2023-50268 b/active/CVE-2023-50268 |
1095 | deleted file mode 100644 |
1096 | index 33d3d1f..0000000 |
1097 | --- a/active/CVE-2023-50268 |
1098 | +++ /dev/null |
1099 | @@ -1,37 +0,0 @@ |
1100 | -Candidate: CVE-2023-50268 |
1101 | -PublicDate: 2023-12-13 21:15:00 UTC |
1102 | -References: |
1103 | - https://github.com/jqlang/jq/security/advisories/GHSA-7hmr-442f-qc8j |
1104 | - https://github.com/jqlang/jq/pull/2804 |
1105 | - https://github.com/jqlang/jq/commit/c9a51565214eece8f1053089739aea73145bfd6b |
1106 | - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64771 |
1107 | - https://www.cve.org/CVERecord?id=CVE-2023-50268 |
1108 | -Description: |
1109 | - jq is a command-line JSON processor. Version 1.7 is vulnerable to |
1110 | - stack-based buffer overflow in builds using decNumber. Version 1.7.1 |
1111 | - contains a patch for this issue. |
1112 | -Ubuntu-Description: |
1113 | -Notes: |
1114 | -Mitigation: |
1115 | -Bugs: |
1116 | -Priority: medium |
1117 | -Discovered-by: |
1118 | -Assigned-to: |
1119 | -CVSS: |
1120 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM] |
1121 | - |
1122 | -Patches_jq: |
1123 | -upstream_jq: needs-triage |
1124 | -trusty_jq: ignored (end of standard support) |
1125 | -trusty/esm_jq: not-affected (code not present) |
1126 | -xenial_jq: ignored (end of standard support) |
1127 | -esm-apps/xenial_jq: not-affected (code not present) |
1128 | -bionic_jq: ignored (end of standard support) |
1129 | -esm-apps/bionic_jq: not-affected (code not present) |
1130 | -focal_jq: not-affected (code not present) |
1131 | -esm-apps/focal_jq: not-affected (code not present) |
1132 | -jammy_jq: not-affected (code not present) |
1133 | -lunar_jq: not-affected (code not present) |
1134 | -mantic_jq: not-affected (code not present) |
1135 | -noble_jq: released (1.7.1-2) |
1136 | -devel_jq: released (1.7.1-2) |
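Review bot: `upstream_jq: needs-triage` and the empty `Patches_jq` block disagree with the rest of this entry: References already contain the fix commit c9a51565214eece8f1053089739aea73145bfd6b, the Description says 1.7.1 contains the patch, and noble and devel are `released (1.7.1-2)`. Please move the commit into `Patches_jq` and set the upstream status accordingly. The same package version is recorded as `not-affected (1.7.1-2)` in the CVE-2023-50246 and CVE-2023-49355 entries of this diff; pick one convention for the three jq CVEs.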
1137 | diff --git a/active/CVE-2023-50292 b/active/CVE-2023-50292 |
1138 | deleted file mode 100644 |
1139 | index 8a92da9..0000000 |
1140 | --- a/active/CVE-2023-50292 |
1141 | +++ /dev/null |
1142 | @@ -1,47 +0,0 @@ |
1143 | -Candidate: CVE-2023-50292 |
1144 | -PublicDate: 2024-02-09 18:15:00 UTC |
1145 | -References: |
1146 | - https://solr.apache.org/security.html#cve-2023-50292-apache-solr-schema-designer-blindly-trusts-all-configsets-possibly-leading-to-rce-by-unauthenticated-users |
1147 | - https://www.openwall.com/lists/oss-security/2024/02/09/3 |
1148 | - https://www.cve.org/CVERecord?id=CVE-2023-50292 |
1149 | -Description: |
1150 | - Incorrect Permission Assignment for Critical Resource, Improper Control of |
1151 | - Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue |
1152 | - affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. |
1153 | - The Schema Designer was introduced to allow users to more easily configure |
1154 | - and test new Schemas and configSets. However, when the feature was created, |
1155 | - the "trust" (authentication) of these configSets was not considered. |
1156 | - External library loading is only available to configSets that are "trusted" |
1157 | - (created by authenticated users), thus non-authenticated users are unable |
1158 | - to perform Remote Code Execution. Since the Schema Designer loaded |
1159 | - configSets without taking their "trust" into account, configSets that were |
1160 | - created by unauthenticated users were allowed to load external libraries |
1161 | - when used in the Schema Designer. Users are recommended to upgrade to |
1162 | - version 9.3.0, which fixes the issue. |
1163 | -Ubuntu-Description: |
1164 | -Notes: |
1165 | -Mitigation: |
1166 | -Bugs: |
1167 | -Priority: medium |
1168 | -Discovered-by: Skay |
1169 | -Assigned-to: |
1170 | -CVSS: |
1171 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [7.5 HIGH] |
1172 | - |
1173 | - |
1174 | -Patches_lucene-solr: |
1175 | -upstream_lucene-solr: released (3.6.2+dfsg-23) |
1176 | -trusty_lucene-solr: ignored (end of standard support) |
1177 | -trusty/esm_lucene-solr: not-affected |
1178 | -xenial_lucene-solr: ignored (end of standard support) |
1179 | -esm-apps/xenial_lucene-solr: not-affected |
1180 | -bionic_lucene-solr: ignored (end of standard support) |
1181 | -esm-apps/bionic_lucene-solr: not-affected |
1182 | -focal_lucene-solr: not-affected |
1183 | -esm-apps/focal_lucene-solr: not-affected |
1184 | -jammy_lucene-solr: not-affected (3.6.2+dfsg-24) |
1185 | -esm-apps/jammy_lucene-solr: not-affected |
1186 | -mantic_lucene-solr: not-affected |
1187 | -noble_lucene-solr: not-affected |
1188 | -esm-apps/noble_lucene-solr: not-affected |
1189 | -devel_lucene-solr: not-affected |
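Review bot: `upstream_lucene-solr: released (3.6.2+dfsg-23)` cannot be right for this CVE, since the Description limits the issue to Apache Solr 8.10.0 through 8.11.2 and 9.0.0 before 9.3.0, and a 3.6.2 version predates that range. The status should be `not-affected` with a reason, and the per-release `not-affected` lines would benefit from the same reason instead of being bare. The identical `released (3.6.2+dfsg-23)` value appears in the CVE-2023-50298 and CVE-2023-50386 entries, whose affected range starts at 6.0.0.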
1190 | diff --git a/active/CVE-2023-50298 b/active/CVE-2023-50298 |
1191 | deleted file mode 100644 |
1192 | index 008dc25..0000000 |
1193 | --- a/active/CVE-2023-50298 |
1194 | +++ /dev/null |
1195 | @@ -1,48 +0,0 @@ |
1196 | -Candidate: CVE-2023-50298 |
1197 | -PublicDate: 2024-02-09 18:15:00 UTC |
1198 | -References: |
1199 | - https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions |
1200 | - https://www.openwall.com/lists/oss-security/2024/02/09/2 |
1201 | - https://www.cve.org/CVERecord?id=CVE-2023-50298 |
1202 | -Description: |
1203 | - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in |
1204 | - Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from |
1205 | - 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data |
1206 | - from other Solr Clouds, using a "zkHost" parameter. When original SolrCloud |
1207 | - is setup to use ZooKeeper credentials and ACLs, they will be sent to |
1208 | - whatever "zkHost" the user provides. An attacker could setup a server to |
1209 | - mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs |
1210 | - and extracts the sensitive information, then send a streaming expression |
1211 | - using the mock server's address in "zkHost". Streaming Expressions are |
1212 | - exposed via the "/streaming" handler, with "read" permissions. Users are |
1213 | - recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue. |
1214 | - From these versions on, only zkHost values that have the same server |
1215 | - address (regardless of chroot), will use the given ZooKeeper credentials |
1216 | - and ACLs when connecting. |
1217 | -Ubuntu-Description: |
1218 | -Notes: |
1219 | -Mitigation: |
1220 | -Bugs: |
1221 | -Priority: medium |
1222 | -Discovered-by: Qing Xu |
1223 | -Assigned-to: |
1224 | -CVSS: |
1225 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [7.5 HIGH] |
1226 | - |
1227 | - |
1228 | -Patches_lucene-solr: |
1229 | -upstream_lucene-solr: released (3.6.2+dfsg-23) |
1230 | -trusty_lucene-solr: ignored (end of standard support) |
1231 | -trusty/esm_lucene-solr: not-affected |
1232 | -xenial_lucene-solr: ignored (end of standard support) |
1233 | -esm-apps/xenial_lucene-solr: not-affected |
1234 | -bionic_lucene-solr: ignored (end of standard support) |
1235 | -esm-apps/bionic_lucene-solr: not-affected |
1236 | -focal_lucene-solr: not-affected |
1237 | -esm-apps/focal_lucene-solr: not-affected |
1238 | -jammy_lucene-solr: not-affected (3.6.2+dfsg-24) |
1239 | -esm-apps/jammy_lucene-solr: not-affected |
1240 | -mantic_lucene-solr: not-affected |
1241 | -noble_lucene-solr: not-affected |
1242 | -esm-apps/noble_lucene-solr: not-affected |
1243 | -devel_lucene-solr: not-affected |
1244 | diff --git a/active/CVE-2023-50386 b/active/CVE-2023-50386 |
1245 | deleted file mode 100644 |
1246 | index 0236aec..0000000 |
1247 | --- a/active/CVE-2023-50386 |
1248 | +++ /dev/null |
1249 | @@ -1,52 +0,0 @@ |
1250 | -Candidate: CVE-2023-50386 |
1251 | -PublicDate: 2024-02-09 18:15:00 UTC |
1252 | -References: |
1253 | - https://solr.apache.org/security.html#cve-2023-50386-apache-solr-backuprestore-apis-allow-for-deployment-of-executables-in-malicious-configsets |
1254 | - https://www.openwall.com/lists/oss-security/2024/02/09/1 |
1255 | - https://www.cve.org/CVERecord?id=CVE-2023-50386 |
1256 | -Description: |
1257 | - Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload |
1258 | - of File with Dangerous Type, Inclusion of Functionality from Untrusted |
1259 | - Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: |
1260 | - from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In the affected |
1261 | - versions, Solr ConfigSets accepted Java jar and class files to be uploaded |
1262 | - through the ConfigSets API. When backing up Solr Collections, these |
1263 | - configSet files would be saved to disk when using the |
1264 | - LocalFileSystemRepository (the default for backups). If the backup was |
1265 | - saved to a directory that Solr uses in its ClassPath/ClassLoaders, then the |
1266 | - jar and class files would be available to use with any ConfigSet, trusted |
1267 | - or untrusted. When Solr is run in a secure way (Authorization enabled), as |
1268 | - is strongly suggested, this vulnerability is limited to extending the |
1269 | - Backup permissions with the ability to add libraries. Users are recommended |
1270 | - to upgrade to version 8.11.3 or 9.4.1, which fix the issue. In these |
1271 | - versions, the following protections have been added: * Users are no longer |
1272 | - able to upload files to a configSet that could be executed via a Java |
1273 | - ClassLoader. * The Backup API restricts saving backups to directories that |
1274 | - are used in the ClassLoader. |
1275 | -Ubuntu-Description: |
1276 | -Notes: |
1277 | -Mitigation: |
1278 | -Bugs: |
1279 | -Priority: medium |
1280 | -Discovered-by: L3yx |
1281 | -Assigned-to: |
1282 | -CVSS: |
1283 | - nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [8.8 HIGH] |
1284 | - |
1285 | - |
1286 | -Patches_lucene-solr: |
1287 | -upstream_lucene-solr: released (3.6.2+dfsg-23) |
1288 | -trusty_lucene-solr: ignored (end of standard support) |
1289 | -trusty/esm_lucene-solr: not-affected |
1290 | -xenial_lucene-solr: ignored (end of standard support) |
1291 | -esm-apps/xenial_lucene-solr: not-affected |
1292 | -bionic_lucene-solr: ignored (end of standard support) |
1293 | -esm-apps/bionic_lucene-solr: not-affected |
1294 | -focal_lucene-solr: not-affected |
1295 | -esm-apps/focal_lucene-solr: not-affected |
1296 | -jammy_lucene-solr: not-affected (3.6.2+dfsg-24) |
1297 | -esm-apps/jammy_lucene-solr: not-affected |
1298 | -mantic_lucene-solr: not-affected |
1299 | -noble_lucene-solr: not-affected |
1300 | -esm-apps/noble_lucene-solr: not-affected |
1301 | -devel_lucene-solr: not-affected |
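Review bot: upstream_lucene-solr is marked released (3.6.2+dfsg-23), but the Description puts the affected range at Solr 6.0.0 through 8.11.2 and 9.0.0 before 9.4.1, so a 3.6.2 package appears to predate the affected code rather than carry a fix. Notes is empty and the not-affected lines give no reason, which makes jammy's "not-affected (3.6.2+dfsg-24)" read like a fixed-in version. Suggest adding a reason such as "(code not present)" to the release lines and a Notes line stating why 3.6.2 is out of range.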
1302 | diff --git a/active/CVE-2023-5680 b/active/CVE-2023-5680 |
1303 | deleted file mode 100644 |
1304 | index 269af64..0000000 |
1305 | --- a/active/CVE-2023-5680 |
1306 | +++ /dev/null |
1307 | @@ -1,52 +0,0 @@ |
1308 | -Candidate: CVE-2023-5680 |
1309 | -PublicDate: 2024-02-13 14:15:00 UTC |
1310 | -References: |
1311 | - https://kb.isc.org/docs/cve-2023-5680 |
1312 | - https://www.cve.org/CVERecord?id=CVE-2023-5680 |
1313 | -Description: |
1314 | - If a resolver cache has a very large number of ECS records stored for the |
1315 | - same name, the process of cleaning the cache database node for this name |
1316 | - can significantly impair query performance. This issue affects BIND 9 |
1317 | - versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and |
1318 | - 9.18.11-S1 through 9.18.21-S1. |
1319 | -Ubuntu-Description: |
1320 | -Notes: |
1321 | - alexmurray> As of isc-dhcp-4.4.3-1, isc-dhcp vendors bind9 libs |
1322 | - mdeslaur> only affects the Bind Supported Preview Edition |
1323 | -Mitigation: |
1324 | -Bugs: |
1325 | -Priority: medium |
1326 | -Discovered-by: |
1327 | -Assigned-to: |
1328 | -CVSS: |
1329 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L [5.3 MEDIUM] |
1330 | - |
1331 | - |
1332 | -Patches_bind9: |
1333 | -upstream_bind9: needs-triage |
1334 | -trusty_bind9: ignored (end of standard support, was needs-triage) |
1335 | -trusty/esm_bind9: not-affected |
1336 | -xenial_bind9: ignored (end of standard support, was needs-triage) |
1337 | -esm-infra/xenial_bind9: not-affected |
1338 | -bionic_bind9: ignored (end of standard support) |
1339 | -esm-infra/bionic_bind9: not-affected |
1340 | -focal_bind9: not-affected |
1341 | -jammy_bind9: not-affected |
1342 | -mantic_bind9: not-affected |
1343 | -noble_bind9: not-affected |
1344 | -devel_bind9: not-affected |
1345 | - |
1346 | -Patches_isc-dhcp: |
1347 | -upstream_isc-dhcp: needs-triage |
1348 | -trusty_isc-dhcp: not-affected (code not present) |
1349 | -trusty/esm_isc-dhcp: not-affected (code not present) |
1350 | -xenial_isc-dhcp: not-affected (code not present) |
1351 | -esm-infra/xenial_isc-dhcp: not-affected (code not present) |
1352 | -bionic_isc-dhcp: not-affected (code not present) |
1353 | -esm-infra/bionic_isc-dhcp: not-affected |
1354 | -focal_isc-dhcp: not-affected (code not present) |
1355 | -jammy_isc-dhcp: not-affected (code not present) |
1356 | -mantic_isc-dhcp: not-affected |
1357 | -noble_isc-dhcp: not-affected |
1358 | -esm-apps/noble_isc-dhcp: not-affected |
1359 | -devel_isc-dhcp: not-affected |
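Review bot: upstream_bind9 and upstream_isc-dhcp are still needs-triage in a file that is being removed from active/, although every release line is already not-affected and mdeslaur's note says only the Supported Preview Edition is affected. Suggest resolving both upstream lines before the entry is retired. Separately, esm-infra/bionic_isc-dhcp is a bare not-affected while bionic_isc-dhcp carries "(code not present)"; the two should give the same reason.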
1360 | diff --git a/active/CVE-2023-5732 b/active/CVE-2023-5732 |
1361 | deleted file mode 100644 |
1362 | index d239289..0000000 |
1363 | --- a/active/CVE-2023-5732 |
1364 | +++ /dev/null |
1365 | @@ -1,39 +0,0 @@ |
1366 | -PublicDateAtUSN: 2023-10-25 |
1367 | -Candidate: CVE-2023-5732 |
1368 | -PublicDate: 2023-10-25 18:17:00 UTC |
1369 | -References: |
1370 | - https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5732 |
1371 | - https://www.mozilla.org/en-US/security/advisories/mfsa2023-47/#CVE-2023-5732 |
1372 | - https://bugzilla.mozilla.org/show_bug.cgi?id=1690979 |
1373 | - https://bugzilla.mozilla.org/show_bug.cgi?id=1836962 |
1374 | - https://www.mozilla.org/security/advisories/mfsa2023-34/ |
1375 | - https://www.mozilla.org/security/advisories/mfsa2023-46/ |
1376 | - https://www.mozilla.org/security/advisories/mfsa2023-47/ |
1377 | - https://ubuntu.com/security/notices/USN-6468-1 |
1378 | - https://www.cve.org/CVERecord?id=CVE-2023-5732 |
1379 | -Description: |
1380 | - An attacker could have created a malicious link using bidirectional |
1381 | - characters to spoof the location in the address bar when visited. This |
1382 | - vulnerability affects Firefox < 117, Firefox ESR < 115.4, and Thunderbird < |
1383 | - 115.4.1. |
1384 | -Ubuntu-Description: |
1385 | -Notes: |
1386 | -Mitigation: |
1387 | -Bugs: |
1388 | -Priority: medium |
1389 | -Discovered-by: |
1390 | -Assigned-to: |
1391 | -CVSS: |
1392 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N [6.5 MEDIUM] |
1393 | - |
1394 | -Patches_thunderbird: |
1395 | -upstream_thunderbird: needs-triage |
1396 | -trusty_thunderbird: ignored (end of standard support) |
1397 | -xenial_thunderbird: ignored (end of standard support) |
1398 | -bionic_thunderbird: ignored (end of standard support) |
1399 | -focal_thunderbird: released (1:115.4.1+build1-0ubuntu0.20.04.1) |
1400 | -jammy_thunderbird: released (1:115.4.1+build1-0ubuntu0.22.04.1) |
1401 | -lunar_thunderbird: released (1:115.4.1+build1-0ubuntu0.23.04.1) |
1402 | -mantic_thunderbird: released (1:115.4.1+build1-0ubuntu0.23.10.1) |
1403 | -noble_thunderbird: released (1:115.4.1+build1-0ubuntu1) |
1404 | -devel_thunderbird: released (1:115.4.1+build1-0ubuntu1) |
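Review bot: the Description lists Firefox < 117 and Firefox ESR < 115.4 as affected, but the entry only has a Patches_thunderbird section, so the firefox status is not recorded anywhere in the file. Suggest adding a firefox section or a Notes line explaining why it is not tracked here. upstream_thunderbird is also left at needs-triage even though every supported release line is released at 1:115.4.1.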
1405 | diff --git a/active/CVE-2023-6246 b/active/CVE-2023-6246 |
1406 | deleted file mode 100644 |
1407 | index 82697be..0000000 |
1408 | --- a/active/CVE-2023-6246 |
1409 | +++ /dev/null |
1410 | @@ -1,54 +0,0 @@ |
1411 | -PublicDateAtUSN: 2024-01-31 |
1412 | -Candidate: CVE-2023-6246 |
1413 | -PublicDate: 2024-01-31 14:15:00 UTC |
1414 | -References: |
1415 | - https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt |
1416 | - https://ubuntu.com/security/notices/USN-6620-1 |
1417 | - https://www.cve.org/CVERecord?id=CVE-2023-6246 |
1418 | -Description: |
1419 | - A heap-based buffer overflow was found in the __vsyslog_internal function |
1420 | - of the glibc library. This function is called by the syslog and vsyslog |
1421 | - functions. This issue occurs when the openlog function was not called, or |
1422 | - called with the ident argument set to NULL, and the program name (the |
1423 | - basename of argv[0]) is bigger than 1024 bytes, resulting in an application |
1424 | - crash or local privilege escalation. This issue affects glibc 2.36 and |
1425 | - newer. |
1426 | -Ubuntu-Description: |
1427 | -Notes: |
1428 | - mdeslaur> introduced by: |
1429 | - mdeslaur> https://sourceware.org/git/?p=glibc.git;a=commit;h=52a5be0df411ef3ff45c10c7c308cb92993d15b1 |
1430 | - mdeslaur> in glibc 3.36 |
1431 | -Mitigation: |
1432 | -Bugs: |
1433 | -Priority: medium |
1434 | -Discovered-by: Qualys |
1435 | -Assigned-to: |
1436 | -CVSS: |
1437 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH] |
1438 | - |
1439 | -Patches_glibc: |
1440 | - upstream: https://sourceware.org/git/?p=glibc.git;a=commit;h=6bd0e4efcc78f3c0115e5ea9739a1642807450da |
1441 | -upstream_glibc: released (2.37-15) |
1442 | -trusty_glibc: DNE |
1443 | -xenial_glibc: ignored (end of standard support) |
1444 | -esm-infra/xenial_glibc: not-affected |
1445 | -bionic_glibc: ignored (end of standard support) |
1446 | -esm-infra/bionic_glibc: not-affected |
1447 | -focal_glibc: not-affected (2.31-0ubuntu9.14) |
1448 | -jammy_glibc: not-affected (2.35-0ubuntu3.6) |
1449 | -mantic_glibc: released (2.38-1ubuntu6.1) |
1450 | -noble_glibc: released (2.39-0ubuntu1) |
1451 | -devel_glibc: released (2.39-0ubuntu1) |
1452 | - |
1453 | -Patches_eglibc: |
1454 | -upstream_eglibc: needs-triage |
1455 | -trusty_eglibc: ignored (end of standard support) |
1456 | -trusty/esm_eglibc: not-affected |
1457 | -xenial_eglibc: DNE |
1458 | -bionic_eglibc: DNE |
1459 | -focal_eglibc: DNE |
1460 | -jammy_eglibc: DNE |
1461 | -mantic_eglibc: DNE |
1462 | -noble_eglibc: DNE |
1463 | -devel_eglibc: DNE |
1464 | - |
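Review bot: in Notes, mdeslaur's "in glibc 3.36" conflicts with the Description, which says the issue affects glibc 2.36 and newer; it reads as a typo for 2.36. Worth correcting in the retired copy, because that note is the only recorded basis for the focal (2.31-0ubuntu9.14) and jammy (2.35-0ubuntu3.6) not-affected statuses.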
1465 | diff --git a/active/CVE-2023-6247 b/active/CVE-2023-6247 |
1466 | deleted file mode 100644 |
1467 | index a0d0e1b..0000000 |
1468 | --- a/active/CVE-2023-6247 |
1469 | +++ /dev/null |
1470 | @@ -1,33 +0,0 @@ |
1471 | -Candidate: CVE-2023-6247 |
1472 | -PublicDate: 2024-02-29 01:42:00 UTC |
1473 | -References: |
1474 | - https://community.openvpn.net/openvpn/wiki/CVE-2023-6247 |
1475 | - https://www.cve.org/CVERecord?id=CVE-2023-6247 |
1476 | -Description: |
1477 | - The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not |
1478 | - properly validate the parsed data, which would result in the application |
1479 | - crashing. |
1480 | -Ubuntu-Description: |
1481 | -Notes: |
1482 | - mdeslaur> code doesn't seem present in v2.x |
1483 | -Mitigation: |
1484 | -Bugs: |
1485 | -Priority: medium |
1486 | -Discovered-by: Bahaa Naamneh |
1487 | -Assigned-to: |
1488 | -CVSS: |
1489 | - |
1490 | -Patches_openvpn: |
1491 | - upstream: https://github.com/OpenVPN/openvpn3/commit/afdfe1bb3f4c54e8794 |
1492 | -upstream_openvpn: needs-triage |
1493 | -trusty_openvpn: ignored (end of standard support) |
1494 | -trusty/esm_openvpn: not-affected (3.x only) |
1495 | -xenial_openvpn: ignored (end of standard support) |
1496 | -esm-infra/xenial_openvpn: not-affected (3.x only) |
1497 | -bionic_openvpn: ignored (end of standard support) |
1498 | -esm-infra/bionic_openvpn: not-affected (3.x only) |
1499 | -focal_openvpn: not-affected (3.x only) |
1500 | -jammy_openvpn: not-affected (3.x only) |
1501 | -mantic_openvpn: not-affected (3.x only) |
1502 | -noble_openvpn: not-affected (3.x only) |
1503 | -devel_openvpn: not-affected (3.x only) |
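Review bot: the CVSS field is empty and upstream_openvpn is still needs-triage, even though the Notes and every release line conclude that only the OpenVPN 3 Core Library is affected. Suggest giving upstream_openvpn a final status before retiring. The upstream link under Patches_openvpn also uses an abbreviated commit hash (afdfe1bb3f4c54e8794); the full hash would be more durable.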
1504 | diff --git a/active/CVE-2023-6258 b/active/CVE-2023-6258 |
1505 | deleted file mode 100644 |
1506 | index 6687ffb..0000000 |
1507 | --- a/active/CVE-2023-6258 |
1508 | +++ /dev/null |
1509 | @@ -1,35 +0,0 @@ |
1510 | -Candidate: CVE-2023-6258 |
1511 | -PublicDate: 2024-01-30 17:15:00 UTC |
1512 | -References: |
1513 | - https://bugzilla.redhat.com/show_bug.cgi?id=2251062 |
1514 | - https://github.com/latchset/pkcs11-provider/pull/308 |
1515 | - https://github.com/latchset/pkcs11-provider/commit/de52d24c1b4b0bdc3a49a23db0f3231e209c3c68 (v0.3) |
1516 | - https://www.cve.org/CVERecord?id=CVE-2023-6258 |
1517 | -Description: |
1518 | - A security vulnerability has been identified in the pkcs11-provider, which |
1519 | - is associated with Public-Key Cryptography Standards (PKCS#11). If |
1520 | - exploited successfully, this vulnerability could result in a |
1521 | - Bleichenbacher-like security flaw, potentially enabling a side-channel |
1522 | - attack on PKCS#1 1.5 decryption. |
1523 | -Ubuntu-Description: |
1524 | -Notes: |
1525 | -Mitigation: |
1526 | -Bugs: |
1527 | -Priority: medium |
1528 | -Discovered-by: |
1529 | -Assigned-to: |
1530 | -CVSS: |
1531 | - nvd: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H [8.1 HIGH] |
1532 | - |
1533 | - |
1534 | -Patches_pkcs11-provider: |
1535 | -upstream_pkcs11-provider: released (0.3-1) |
1536 | -trusty_pkcs11-provider: DNE |
1537 | -xenial_pkcs11-provider: DNE |
1538 | -bionic_pkcs11-provider: DNE |
1539 | -focal_pkcs11-provider: DNE |
1540 | -jammy_pkcs11-provider: DNE |
1541 | -mantic_pkcs11-provider: DNE |
1542 | -noble_pkcs11-provider: not-affected (0.3-1) |
1543 | -esm-apps/noble_pkcs11-provider: not-affected (0.3-1) |
1544 | -devel_pkcs11-provider: not-affected (0.3-1) |
1545 | diff --git a/active/CVE-2023-6277 b/active/CVE-2023-6277 |
1546 | deleted file mode 100644 |
1547 | index fb6e98f..0000000 |
1548 | --- a/active/CVE-2023-6277 |
1549 | +++ /dev/null |
1550 | @@ -1,51 +0,0 @@ |
1551 | -PublicDateAtUSN: 2023-11-24 19:15:00 UTC |
1552 | -Candidate: CVE-2023-6277 |
1553 | -PublicDate: 2023-11-24 19:15:00 UTC |
1554 | -References: |
1555 | - https://gitlab.com/libtiff/libtiff/-/merge_requests/545 |
1556 | - https://access.redhat.com/security/cve/CVE-2023-6277 |
1557 | - https://ubuntu.com/security/notices/USN-6644-1 |
1558 | - https://ubuntu.com/security/notices/USN-6644-2 |
1559 | - https://www.cve.org/CVERecord?id=CVE-2023-6277 |
1560 | -Description: |
1561 | - An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to |
1562 | - TIFFOpen() API may allow a remote attacker to cause a denial of service via |
1563 | - a craft input with size smaller than 379 KB. |
1564 | -Ubuntu-Description: |
1565 | -Notes: |
1566 | - rodrigo-zaiden> the first commit was claimed to introduce regressions, so |
1567 | - we should consider the follow up commits that makes the check a bit less |
1568 | - restrictive. |
1569 | - rodrigo-zaiden> one of the regressions was caught by debian in libimager-perl, |
1570 | - https://bugs.debian.org/1057270. with the proposed follow up commits, we |
1571 | - should be clear wit that regression |
1572 | -Mitigation: |
1573 | -Bugs: |
1574 | - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056751 |
1575 | - https://gitlab.com/libtiff/libtiff/-/issues/614 |
1576 | - https://bugzilla.redhat.com/show_bug.cgi?id=2251311 |
1577 | -Priority: low |
1578 | - Minor issue, only a OOM DoS |
1579 | -Discovered-by: |
1580 | -Assigned-to: |
1581 | -CVSS: |
1582 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [6.5 MEDIUM] |
1583 | - |
1584 | -Patches_tiff: |
1585 | - upstream: https://gitlab.com/libtiff/libtiff/-/commit/5320c9d89c054fa805d037d84c57da874470b01a |
1586 | - upstream: https://gitlab.com/libtiff/libtiff/-/commit/0b025324711213a75e38b52f7e7ba60235f108aa |
1587 | - upstream: https://gitlab.com/libtiff/libtiff/-/commit/de7bfd7d4377c266f81849579f696fa1ad5ba6c3 |
1588 | - upstream: https://gitlab.com/libtiff/libtiff/-/commit/dbb825a8312f30e63a06c272010967d51af5c35a |
1589 | -upstream_tiff: released (4.5.1+git230720-2) |
1590 | -trusty_tiff: ignored (end of standard support) |
1591 | -trusty/esm_tiff: released (4.0.3-7ubuntu0.11+esm12) |
1592 | -xenial_tiff: ignored (end of standard support) |
1593 | -esm-infra/xenial_tiff: released (4.0.6-1ubuntu0.8+esm15) |
1594 | -bionic_tiff: ignored (end of standard support) |
1595 | -esm-infra/bionic_tiff: released (4.0.9-5ubuntu0.10+esm5) |
1596 | -focal_tiff: released (4.1.0+git191117-2ubuntu0.20.04.12) |
1597 | -jammy_tiff: released (4.3.0-6ubuntu0.8) |
1598 | -lunar_tiff: ignored (end of life, was needed) |
1599 | -mantic_tiff: released (4.5.1+git230720-1ubuntu1.1) |
1600 | -noble_tiff: not-affected (4.5.1+git230720-3ubuntu1) |
1601 | -devel_tiff: not-affected (4.5.1+git230720-3ubuntu1) |
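Review bot: the Notes say the first commit introduced regressions and that the follow-up commits should be considered, but the four upstream links under Patches_tiff are not labelled, so a reader cannot tell which one is the original fix and which are the follow-ups, or whether the released versions include the follow-ups. Suggest annotating the commits or stating it in Notes. Minor: "we should be clear wit that regression" has a typo for "with".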
1602 | diff --git a/active/CVE-2023-6779 b/active/CVE-2023-6779 |
1603 | deleted file mode 100644 |
1604 | index bb16a1d..0000000 |
1605 | --- a/active/CVE-2023-6779 |
1606 | +++ /dev/null |
1607 | @@ -1,51 +0,0 @@ |
1608 | -PublicDateAtUSN: 2024-01-31 |
1609 | -Candidate: CVE-2023-6779 |
1610 | -PublicDate: 2024-01-31 14:15:00 UTC |
1611 | -References: |
1612 | - https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt |
1613 | - https://ubuntu.com/security/notices/USN-6620-1 |
1614 | - https://www.cve.org/CVERecord?id=CVE-2023-6779 |
1615 | -Description: |
1616 | - An off-by-one heap-based buffer overflow was found in the |
1617 | - __vsyslog_internal function of the glibc library. This function is called |
1618 | - by the syslog and vsyslog functions. This issue occurs when these functions |
1619 | - are called with a message bigger than INT_MAX bytes, leading to an |
1620 | - incorrect calculation of the buffer size to store the message, resulting in |
1621 | - an application crash. This issue affects glibc 2.37 and newer. |
1622 | -Ubuntu-Description: |
1623 | -Notes: |
1624 | -Mitigation: |
1625 | -Bugs: |
1626 | -Priority: medium |
1627 | -Discovered-by: Qualys |
1628 | -Assigned-to: |
1629 | -CVSS: |
1630 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
1631 | - |
1632 | - |
1633 | -Patches_glibc: |
1634 | - upstream: https://sourceware.org/git/?p=glibc.git;a=commit;h=7e5a0c286da33159d47d0122007aac016f3e02cd |
1635 | -upstream_glibc: released (2.37-15) |
1636 | -trusty_glibc: DNE |
1637 | -xenial_glibc: ignored (end of standard support) |
1638 | -esm-infra/xenial_glibc: not-affected |
1639 | -bionic_glibc: ignored (end of standard support) |
1640 | -esm-infra/bionic_glibc: not-affected |
1641 | -focal_glibc: not-affected (2.31-0ubuntu9.14) |
1642 | -jammy_glibc: not-affected (2.35-0ubuntu3.6) |
1643 | -mantic_glibc: released (2.38-1ubuntu6.1) |
1644 | -noble_glibc: released (2.39-0ubuntu1) |
1645 | -devel_glibc: released (2.39-0ubuntu1) |
1646 | - |
1647 | -Patches_eglibc: |
1648 | -upstream_eglibc: needs-triage |
1649 | -trusty_eglibc: ignored (end of standard support) |
1650 | -trusty/esm_eglibc: not-affected |
1651 | -xenial_eglibc: DNE |
1652 | -bionic_eglibc: DNE |
1653 | -focal_eglibc: DNE |
1654 | -jammy_eglibc: DNE |
1655 | -mantic_eglibc: DNE |
1656 | -noble_eglibc: DNE |
1657 | -devel_eglibc: DNE |
1658 | - |
1659 | diff --git a/active/CVE-2023-6780 b/active/CVE-2023-6780 |
1660 | deleted file mode 100644 |
1661 | index fefbf1e..0000000 |
1662 | --- a/active/CVE-2023-6780 |
1663 | +++ /dev/null |
1664 | @@ -1,51 +0,0 @@ |
1665 | -PublicDateAtUSN: 2024-01-31 |
1666 | -Candidate: CVE-2023-6780 |
1667 | -PublicDate: 2024-01-31 14:15:00 UTC |
1668 | -References: |
1669 | - https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt |
1670 | - https://ubuntu.com/security/notices/USN-6620-1 |
1671 | - https://www.cve.org/CVERecord?id=CVE-2023-6780 |
1672 | -Description: |
1673 | - An integer overflow was found in the __vsyslog_internal function of the |
1674 | - glibc library. This function is called by the syslog and vsyslog functions. |
1675 | - This issue occurs when these functions are called with a very long message, |
1676 | - leading to an incorrect calculation of the buffer size to store the |
1677 | - message, resulting in undefined behavior. This issue affects glibc 2.37 and |
1678 | - newer. |
1679 | -Ubuntu-Description: |
1680 | -Notes: |
1681 | -Mitigation: |
1682 | -Bugs: |
1683 | -Priority: medium |
1684 | -Discovered-by: Qualys |
1685 | -Assigned-to: |
1686 | -CVSS: |
1687 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L [5.3 MEDIUM] |
1688 | - |
1689 | - |
1690 | -Patches_glibc: |
1691 | - upstream: https://sourceware.org/git?p=glibc.git;a=commit;h=ddf542da94caf97ff43cc2875c88749880b7259b |
1692 | -upstream_glibc: released (2.37-15) |
1693 | -trusty_glibc: DNE |
1694 | -xenial_glibc: ignored (end of standard support) |
1695 | -esm-infra/xenial_glibc: not-affected |
1696 | -bionic_glibc: ignored (end of standard support) |
1697 | -esm-infra/bionic_glibc: not-affected |
1698 | -focal_glibc: not-affected (2.31-0ubuntu9.14) |
1699 | -jammy_glibc: not-affected (2.35-0ubuntu3.6) |
1700 | -mantic_glibc: released (2.38-1ubuntu6.1) |
1701 | -noble_glibc: released (2.39-0ubuntu1) |
1702 | -devel_glibc: released (2.39-0ubuntu1) |
1703 | - |
1704 | -Patches_eglibc: |
1705 | -upstream_eglibc: needs-triage |
1706 | -trusty_eglibc: ignored (end of standard support) |
1707 | -trusty/esm_eglibc: not-affected |
1708 | -xenial_eglibc: DNE |
1709 | -bionic_eglibc: DNE |
1710 | -focal_eglibc: DNE |
1711 | -jammy_eglibc: DNE |
1712 | -mantic_eglibc: DNE |
1713 | -noble_eglibc: DNE |
1714 | -devel_eglibc: DNE |
1715 | - |
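Review bot: the upstream link under Patches_glibc is written as https://sourceware.org/git?p=glibc.git;..., without the slash before the query string, while the CVE-2023-6246 and CVE-2023-6779 entries in this same patch use https://sourceware.org/git/?p=glibc.git;.... Suggest normalising it to the /git/?p= form so the three related entries match and tooling that parses patch URLs treats them the same way.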
1716 | diff --git a/active/CVE-2023-7207 b/active/CVE-2023-7207 |
1717 | deleted file mode 100644 |
1718 | index 981c1d0..0000000 |
1719 | --- a/active/CVE-2023-7207 |
1720 | +++ /dev/null |
1721 | @@ -1,41 +0,0 @@ |
1722 | -PublicDateAtUSN: 2024-02-29 01:42:00 UTC |
1723 | -Candidate: CVE-2023-7207 |
1724 | -PublicDate: 2024-02-29 01:42:00 UTC |
1725 | -References: |
1726 | - https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=376d663340a9dc91c91a5849e5713f07571c1628 |
1727 | - https://www.openwall.com/lists/oss-security/2023/12/21/8 |
1728 | - https://www.cve.org/CVERecord?id=CVE-2023-7207 |
1729 | - https://ubuntu.com/security/notices/USN-6755-1 |
1730 | -Description: |
1731 | - Debian's cpio contains a path traversal vulnerability. This issue was |
1732 | - introduced by reverting CVE-2015-1197 patches which had caused a regression |
1733 | - in --no-absolute-filenames. Upstream has since provided a proper fix to |
1734 | - --no-absolute-filenames. |
1735 | -Ubuntu-Description: |
1736 | -Notes: |
1737 | - ccdm94> bionic and earlier are not affected by this issue as the CVE patch |
1738 | - ccdm94> for CVE-2015-1197 was not reverted in these releases. |
1739 | -Mitigation: |
1740 | -Bugs: |
1741 | - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059163 |
1742 | -Priority: medium |
1743 | -Discovered-by: Ingo Brückl |
1744 | -Assigned-to: fabian |
1745 | -CVSS: |
1746 | - ubuntu: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N [4.9 MEDIUM] |
1747 | - |
1748 | -Patches_cpio: |
1749 | - upstream: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=376d663340a9dc91c91a5849e5713f07571c1628 |
1750 | -upstream_cpio: released (2.14) |
1751 | -trusty_cpio: ignored (end of standard support) |
1752 | -trusty/esm_cpio: not-affected (see notes) |
1753 | -xenial_cpio: ignored (end of standard support) |
1754 | -esm-infra/xenial_cpio: not-affected (see notes) |
1755 | -bionic_cpio: ignored (end of standard support) |
1756 | -esm-infra/bionic_cpio: not-affected (see notes) |
1757 | -focal_cpio: released (2.13+dfsg-2ubuntu0.4) |
1758 | -jammy_cpio: released (2.13+dfsg-7ubuntu0.1) |
1759 | -lunar_cpio: ignored (end of life, was needed) |
1760 | -mantic_cpio: released (2.13+dfsg-7.1ubuntu0.1) |
1761 | -noble_cpio: not-affected (2.15+dfsg-1ubuntu1) |
1762 | -devel_cpio: not-affected (2.15+dfsg-1ubuntu1) |
1763 | diff --git a/active/CVE-2024-0232 b/active/CVE-2024-0232 |
1764 | deleted file mode 100644 |
1765 | index 4674afa..0000000 |
1766 | --- a/active/CVE-2024-0232 |
1767 | +++ /dev/null |
1768 | @@ -1,59 +0,0 @@ |
1769 | -Candidate: CVE-2024-0232 |
1770 | -PublicDate: 2024-01-16 14:15:00 UTC |
1771 | -References: |
1772 | - https://sqlite.org/forum/forumpost/4aa381993a |
1773 | - https://sqlite.org/forum/forumpost/b25edc1d46 |
1774 | - https://www.cve.org/CVERecord?id=CVE-2024-0232 |
1775 | -Description: |
1776 | - A heap use-after-free issue has been identified in SQLite in the |
1777 | - jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local |
1778 | - attacker to leverage a victim to pass specially crafted malicious input to |
1779 | - the application, potentially causing a crash and leading to a denial of |
1780 | - service. |
1781 | -Ubuntu-Description: |
1782 | -Notes: |
1783 | - mdeslaur> possibly introduced here: |
1784 | - mdeslaur> https://github.com/sqlite/sqlite/commit/44f53b96472a660e42f4c4f33e01f0fc9c691440 |
1785 | - mdeslaur> Could not reproduce the issue in mantic and lunar, marking as |
1786 | - mdeslaur> not affected. |
1787 | -Mitigation: |
1788 | -Bugs: |
1789 | - https://bugzilla.redhat.com/show_bug.cgi?id=2243754 |
1790 | -Priority: medium |
1791 | -Discovered-by: |
1792 | -Assigned-to: |
1793 | -CVSS: |
1794 | - nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [5.5 MEDIUM] |
1795 | - |
1796 | -Patches_sqlite: |
1797 | -upstream_sqlite: needs-triage |
1798 | -trusty_sqlite: ignored (end of standard support) |
1799 | -trusty/esm_sqlite: not-affected (code not present) |
1800 | -xenial_sqlite: ignored (end of standard support) |
1801 | -esm-apps/xenial_sqlite: not-affected (code not present) |
1802 | -bionic_sqlite: ignored (end of standard support) |
1803 | -esm-apps/bionic_sqlite: not-affected (code not present) |
1804 | -focal_sqlite: not-affected (code not present) |
1805 | -esm-apps/focal_sqlite: not-affected (code not present) |
1806 | -jammy_sqlite: not-affected (code not present) |
1807 | -esm-apps/jammy_sqlite: not-affected (code not present) |
1808 | -lunar_sqlite: DNE |
1809 | -mantic_sqlite: DNE |
1810 | -noble_sqlite: DNE |
1811 | -devel_sqlite: DNE |
1812 | - |
1813 | -Patches_sqlite3: |
1814 | - upstream: https://sqlite.org/src/info/a163fecca90cab9d (v3.43.2) |
1815 | -upstream_sqlite3: released (3.43.2) |
1816 | -trusty_sqlite3: ignored (end of standard support) |
1817 | -trusty/esm_sqlite3: not-affected (code not present) |
1818 | -xenial_sqlite3: ignored (end of standard support) |
1819 | -esm-infra/xenial_sqlite3: not-affected (code not present) |
1820 | -bionic_sqlite3: ignored (end of standard support) |
1821 | -esm-infra/bionic_sqlite3: not-affected (code not present) |
1822 | -focal_sqlite3: not-affected (code not present) |
1823 | -jammy_sqlite3: not-affected (code not present) |
1824 | -lunar_sqlite3: not-affected (3.40.1-1ubuntu0.1) |
1825 | -mantic_sqlite3: not-affected (3.42.0-1ubuntu0.1) |
1826 | -noble_sqlite3: not-affected (3.44.2-1) |
1827 | -devel_sqlite3: not-affected (3.44.2-1) |
1828 | diff --git a/active/CVE-2024-0567 b/active/CVE-2024-0567 |
1829 | deleted file mode 100644 |
1830 | index dad7daf..0000000 |
1831 | --- a/active/CVE-2024-0567 |
1832 | +++ /dev/null |
1833 | @@ -1,45 +0,0 @@ |
1834 | -PublicDateAtUSN: 2024-01-16 14:15:00 UTC |
1835 | -Candidate: CVE-2024-0567 |
1836 | -PublicDate: 2024-01-16 14:15:00 UTC |
1837 | -References: |
1838 | - https://gnutls.org/security-new.html#GNUTLS-SA-2024-01-09 |
1839 | - https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html |
1840 | - https://access.redhat.com/security/cve/CVE-2024-0567 |
1841 | - https://ubuntu.com/security/notices/USN-6593-1 |
1842 | - https://www.cve.org/CVERecord?id=CVE-2024-0567 |
1843 | -Description: |
1844 | - A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) |
1845 | - rejects a certificate chain with distributed trust. This issue occurs when |
1846 | - validating a certificate chain with cockpit-certificate-ensure. This flaw |
1847 | - allows an unauthenticated, remote client or attacker to initiate a denial |
1848 | - of service attack. |
1849 | -Ubuntu-Description: |
1850 | -Notes: |
1851 | - mdeslaur> The code is different in focal and older and the reproducer |
1852 | - mdeslaur> doesn't appear to crash the older version of GnuTLS. Marking as |
1853 | - mdeslaur> not-affected. |
1854 | -Mitigation: |
1855 | -Bugs: |
1856 | - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061045 |
1857 | - https://gitlab.com/gnutls/gnutls/-/issues/1521 |
1858 | - https://bugzilla.redhat.com/show_bug.cgi?id=2258544 |
1859 | -Priority: medium |
1860 | -Discovered-by: |
1861 | -Assigned-to: |
1862 | -CVSS: |
1863 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
1864 | - |
1865 | -Patches_gnutls28: |
1866 | - upstream: https://gitlab.com/gnutls/gnutls/-/commit/9edbdaa84e38b1bfb53a7d72c1de44f8de373405 (3.8.3) |
1867 | -upstream_gnutls28: released (3.8.3-1) |
1868 | -trusty_gnutls28: ignored (end of standard support) |
1869 | -xenial_gnutls28: ignored (end of standard support) |
1870 | -esm-infra/xenial_gnutls28: not-affected |
1871 | -bionic_gnutls28: ignored (end of standard support) |
1872 | -esm-infra/bionic_gnutls28: not-affected |
1873 | -focal_gnutls28: not-affected (3.6.13-2ubuntu1.9) |
1874 | -jammy_gnutls28: released (3.7.3-4ubuntu1.4) |
1875 | -lunar_gnutls28: released (3.7.8-5ubuntu1.2) |
1876 | -mantic_gnutls28: released (3.8.1-4ubuntu1.2) |
1877 | -noble_gnutls28: released (3.8.3-1ubuntu1) |
1878 | -devel_gnutls28: released (3.8.3-1ubuntu1) |
1879 | diff --git a/active/CVE-2024-0853 b/active/CVE-2024-0853 |
1880 | deleted file mode 100644 |
1881 | index 914b457..0000000 |
1882 | --- a/active/CVE-2024-0853 |
1883 | +++ /dev/null |
1884 | @@ -1,38 +0,0 @@ |
1885 | -Candidate: CVE-2024-0853 |
1886 | -PublicDate: 2024-02-03 14:15:00 UTC |
1887 | -CRD: 2024-01-31 |
1888 | -References: |
1889 | - https://curl.se/docs/CVE-2024-0853.html |
1890 | - https://www.cve.org/CVERecord?id=CVE-2024-0853 |
1891 | -Description: |
1892 | - curl inadvertently kept the SSL session ID for connections in its cache |
1893 | - even when the verify status (*OCSP stapling*) test failed. A subsequent |
1894 | - transfer to the same hostname could then succeed if the session ID cache |
1895 | - was still fresh, which then skipped the verify status check. |
1896 | -Ubuntu-Description: |
1897 | -Notes: |
1898 | - mdeslaur> only affects 8.5.0 |
1899 | -Mitigation: |
1900 | -Bugs: |
1901 | -Priority: low |
1902 | - Upstream Curl developers have rated this as being low severity |
1903 | -Discovered-by: Hiroki Kurosawa |
1904 | -Assigned-to: |
1905 | -CVSS: |
1906 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N [5.3 MEDIUM] |
1907 | - |
1908 | - |
1909 | -Patches_curl: |
1910 | -upstream_curl: needs-triage |
1911 | -trusty_curl: ignored (end of standard support) |
1912 | -trusty/esm_curl: not-affected |
1913 | -xenial_curl: ignored (end of standard support) |
1914 | -esm-infra/xenial_curl: not-affected |
1915 | -bionic_curl: ignored (end of standard support) |
1916 | -esm-infra/bionic_curl: not-affected |
1917 | -focal_curl: not-affected |
1918 | -jammy_curl: not-affected |
1919 | -lunar_curl: not-affected |
1920 | -mantic_curl: not-affected (8.2.1-1ubuntu3.2) |
1921 | -noble_curl: released (8.5.0-2ubuntu2) |
1922 | -devel_curl: released (8.5.0-2ubuntu2) |
1923 | diff --git a/active/CVE-2024-1048 b/active/CVE-2024-1048 |
1924 | deleted file mode 100644 |
1925 | index af75af1..0000000 |
1926 | --- a/active/CVE-2024-1048 |
1927 | +++ /dev/null |
1928 | @@ -1,75 +0,0 @@ |
1929 | -Candidate: CVE-2024-1048 |
1930 | -PublicDate: 2024-02-06 18:15:00 UTC |
1931 | -References: |
1932 | - https://access.redhat.com/security/cve/CVE-2024-1048 |
1933 | - https://bugzilla.redhat.com/show_bug.cgi?id=2256827 |
1934 | - https://www.openwall.com/lists/oss-security/2024/02/06/3 |
1935 | - http://www.openwall.com/lists/oss-security/2024/02/06/3 |
1936 | - https://www.cve.org/CVERecord?id=CVE-2024-1048 |
1937 | -Description: |
1938 | - A flaw was found in the grub2-set-bootflag utility of grub2. After the fix |
1939 | - of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the |
1940 | - new grubenv content and rename it to the original grubenv file. If the |
1941 | - program is killed before the rename operation, the temporary file will not |
1942 | - be removed and may fill the filesystem when invoked multiple times, |
1943 | - resulting in a filesystem out of free inodes or blocks. |
1944 | -Ubuntu-Description: |
1945 | -Notes: |
1946 | - eslerm> the grub2 package does not affect Ubuntu's Secure Boot |
1947 | - eslerm> grub2-unsigned contains Secure Boot security fixes grub2 and |
1948 | - eslerm> grub2-unsigned should have same major version Ubuntu Secure Boot |
1949 | - eslerm> and ESM do not cover i386 trusty's GA kernel cannot handle new |
1950 | - eslerm> versions of grub Note that key revocation is required to protect |
1951 | - eslerm> against evil housekeeper attacks (such as BlackLotus) |
1952 | - mdeslaur> |
1953 | - mdeslaur> This issue is in a RedHat-specific addition and does not affect |
1954 | - mdeslaur> Debian or Ubuntu |
1955 | -Mitigation: |
1956 | -Bugs: |
1957 | -Priority: medium |
1958 | -Discovered-by: |
1959 | -Assigned-to: |
1960 | -CVSS: |
1961 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L [3.3 LOW] |
1962 | - |
1963 | - |
1964 | -Patches_grub2: |
1965 | -upstream_grub2: needs-triage |
1966 | -trusty_grub2: ignored (end of standard support) |
1967 | -trusty/esm_grub2: not-affected (does not affect Secure Boot) |
1968 | -xenial_grub2: ignored (end of standard support) |
1969 | -esm-infra/xenial_grub2: not-affected (does not affect Secure Boot) |
1970 | -bionic_grub2: ignored (end of standard support) |
1971 | -esm-infra/bionic_grub2: not-affected (does not affect Secure Boot) |
1972 | -focal_grub2: not-affected (does not affect Secure Boot) |
1973 | -jammy_grub2: not-affected (does not affect Secure Boot) |
1974 | -mantic_grub2: not-affected (does not affect Secure Boot) |
1975 | -noble_grub2: not-affected (does not affect Secure Boot) |
1976 | -devel_grub2: not-affected (does not affect Secure Boot) |
1977 | - |
1978 | -Patches_grub2-unsigned: |
1979 | -upstream_grub2-unsigned: needs-triage |
1980 | -trusty_grub2-unsigned: ignored (end of standard support) |
1981 | -xenial_grub2-unsigned: ignored (end of standard support) |
1982 | -esm-infra/xenial_grub2-unsigned: not-affected (RH specific) |
1983 | -bionic_grub2-unsigned: ignored (end of standard support) |
1984 | -esm-infra/bionic_grub2-unsigned: not-affected (RH specific) |
1985 | -focal_grub2-unsigned: not-affected (RH specific) |
1986 | -jammy_grub2-unsigned: not-affected (RH specific) |
1987 | -mantic_grub2-unsigned: not-affected (RH specific) |
1988 | -noble_grub2-unsigned: not-affected (RH specific) |
1989 | -devel_grub2-unsigned: not-affected (RH specific) |
1990 | - |
1991 | -Patches_grub2-signed: |
1992 | -upstream_grub2-signed: needs-triage |
1993 | -trusty_grub2-signed: ignored (end of standard support) |
1994 | -trusty/esm_grub2-signed: not-affected (RH specific) |
1995 | -xenial_grub2-signed: ignored (end of standard support) |
1996 | -esm-infra/xenial_grub2-signed: not-affected (RH specific) |
1997 | -bionic_grub2-signed: ignored (end of standard support) |
1998 | -esm-infra/bionic_grub2-signed: not-affected (RH specific) |
1999 | -focal_grub2-signed: not-affected (RH specific) |
2000 | -jammy_grub2-signed: not-affected (RH specific) |
2001 | -mantic_grub2-signed: not-affected (RH specific) |
2002 | -noble_grub2-signed: not-affected (RH specific) |
2003 | -devel_grub2-signed: not-affected (RH specific) |
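Review bot: the eslerm> block under Notes has lost its line breaks, so separate statements run into each other ("grub2-unsigned should have same major version Ubuntu Secure Boot and ESM do not cover i386 trusty's GA kernel cannot handle new versions of grub Note that key revocation ..."); restore one statement per line before this record leaves active/. The status reasons also disagree: the grub2 lines say "does not affect Secure Boot" while grub2-unsigned and grub2-signed say "RH specific", which is the reason mdeslaur's note gives for the whole CVE, so one reason should be used throughout. The References list carries the same oss-security post twice (http and https), and all three upstream_ lines still read needs-triage.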
2004 | diff --git a/active/CVE-2024-1059 b/active/CVE-2024-1059 |
2005 | deleted file mode 100644 |
2006 | index b330bbc..0000000 |
2007 | --- a/active/CVE-2024-1059 |
2008 | +++ /dev/null |
2009 | @@ -1,36 +0,0 @@ |
2010 | -Candidate: CVE-2024-1059 |
2011 | -PublicDate: 2024-01-30 22:15:00 UTC |
2012 | -References: |
2013 | - https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html |
2014 | - https://crbug.com/1514777 |
2015 | - https://www.cve.org/CVERecord?id=CVE-2024-1059 |
2016 | -Description: |
2017 | - Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 |
2018 | - allowed a remote attacker to potentially exploit stack corruption via a |
2019 | - crafted HTML page. (Chromium security severity: High) |
2020 | -Ubuntu-Description: |
2021 | -Notes: |
2022 | - alexmurray> The Debian chromium source package is called chromium-browser |
2023 | - alexmurray> in Ubuntu |
2024 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2025 | - mdeslaur> a script that installs the Chromium snap |
2026 | -Mitigation: |
2027 | -Bugs: |
2028 | -Priority: medium |
2029 | -Discovered-by: |
2030 | -Assigned-to: |
2031 | -CVSS: |
2032 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
2033 | - |
2034 | - |
2035 | -Patches_chromium-browser: |
2036 | -upstream_chromium-browser: released |
2037 | -trusty_chromium-browser: ignored (end of standard support) |
2038 | -xenial_chromium-browser: ignored (end of standard support) |
2039 | -bionic_chromium-browser: ignored (end of standard support) |
2040 | -focal_chromium-browser: not-affected (code not present) |
2041 | -jammy_chromium-browser: not-affected (code not present) |
2042 | -mantic_chromium-browser: not-affected (code not present) |
2043 | -noble_chromium-browser: not-affected (code not present) |
2044 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2045 | -devel_chromium-browser: not-affected (code not present) |
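Review bot: "upstream_chromium-browser: released" carries no version even though the Description names the fixed release (121.0.6167.139); writing it as "released (121.0.6167.139)" would match the form already used in the CVE-2024-1676 record in this diff. Priority: medium also sits next to an nvd score of 8.8 HIGH and a Chromium severity of High; if that is deliberate because the deb is only a script that installs the snap, a line in Notes saying so would make the choice reviewable.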
2046 | diff --git a/active/CVE-2024-1060 b/active/CVE-2024-1060 |
2047 | deleted file mode 100644 |
2048 | index 049995b..0000000 |
2049 | --- a/active/CVE-2024-1060 |
2050 | +++ /dev/null |
2051 | @@ -1,36 +0,0 @@ |
2052 | -Candidate: CVE-2024-1060 |
2053 | -PublicDate: 2024-01-30 22:15:00 UTC |
2054 | -References: |
2055 | - https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html |
2056 | - https://crbug.com/1511567 |
2057 | - https://www.cve.org/CVERecord?id=CVE-2024-1060 |
2058 | -Description: |
2059 | - Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a |
2060 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
2061 | - page. (Chromium security severity: High) |
2062 | -Ubuntu-Description: |
2063 | -Notes: |
2064 | - alexmurray> The Debian chromium source package is called chromium-browser |
2065 | - alexmurray> in Ubuntu |
2066 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2067 | - mdeslaur> a script that installs the Chromium snap |
2068 | -Mitigation: |
2069 | -Bugs: |
2070 | -Priority: medium |
2071 | -Discovered-by: |
2072 | -Assigned-to: |
2073 | -CVSS: |
2074 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
2075 | - |
2076 | - |
2077 | -Patches_chromium-browser: |
2078 | -upstream_chromium-browser: released |
2079 | -trusty_chromium-browser: ignored (end of standard support) |
2080 | -xenial_chromium-browser: ignored (end of standard support) |
2081 | -bionic_chromium-browser: ignored (end of standard support) |
2082 | -focal_chromium-browser: not-affected (code not present) |
2083 | -jammy_chromium-browser: not-affected (code not present) |
2084 | -mantic_chromium-browser: not-affected (code not present) |
2085 | -noble_chromium-browser: not-affected (code not present) |
2086 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2087 | -devel_chromium-browser: not-affected (code not present) |
2088 | diff --git a/active/CVE-2024-1077 b/active/CVE-2024-1077 |
2089 | deleted file mode 100644 |
2090 | index a5bca51..0000000 |
2091 | --- a/active/CVE-2024-1077 |
2092 | +++ /dev/null |
2093 | @@ -1,36 +0,0 @@ |
2094 | -Candidate: CVE-2024-1077 |
2095 | -PublicDate: 2024-01-30 22:15:00 UTC |
2096 | -References: |
2097 | - https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html |
2098 | - https://crbug.com/1511085 |
2099 | - https://www.cve.org/CVERecord?id=CVE-2024-1077 |
2100 | -Description: |
2101 | - Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed |
2102 | - a remote attacker to potentially exploit heap corruption via a malicious |
2103 | - file. (Chromium security severity: High) |
2104 | -Ubuntu-Description: |
2105 | -Notes: |
2106 | - alexmurray> The Debian chromium source package is called chromium-browser |
2107 | - alexmurray> in Ubuntu |
2108 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2109 | - mdeslaur> a script that installs the Chromium snap |
2110 | -Mitigation: |
2111 | -Bugs: |
2112 | -Priority: medium |
2113 | -Discovered-by: |
2114 | -Assigned-to: |
2115 | -CVSS: |
2116 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
2117 | - |
2118 | - |
2119 | -Patches_chromium-browser: |
2120 | -upstream_chromium-browser: released |
2121 | -trusty_chromium-browser: ignored (end of standard support) |
2122 | -xenial_chromium-browser: ignored (end of standard support) |
2123 | -bionic_chromium-browser: ignored (end of standard support) |
2124 | -focal_chromium-browser: not-affected (code not present) |
2125 | -jammy_chromium-browser: not-affected (code not present) |
2126 | -mantic_chromium-browser: not-affected (code not present) |
2127 | -noble_chromium-browser: not-affected (code not present) |
2128 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2129 | -devel_chromium-browser: not-affected (code not present) |
2130 | diff --git a/active/CVE-2024-1283 b/active/CVE-2024-1283 |
2131 | deleted file mode 100644 |
2132 | index f5edd30..0000000 |
2133 | --- a/active/CVE-2024-1283 |
2134 | +++ /dev/null |
2135 | @@ -1,36 +0,0 @@ |
2136 | -Candidate: CVE-2024-1283 |
2137 | -PublicDate: 2024-02-07 00:15:00 UTC |
2138 | -References: |
2139 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html |
2140 | - https://issues.chromium.org/issues/41494860 |
2141 | - https://www.cve.org/CVERecord?id=CVE-2024-1283 |
2142 | -Description: |
2143 | - Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 |
2144 | - allowed a remote attacker to potentially exploit heap corruption via a |
2145 | - crafted HTML page. (Chromium security severity: High) |
2146 | -Ubuntu-Description: |
2147 | -Notes: |
2148 | - alexmurray> The Debian chromium source package is called chromium-browser |
2149 | - alexmurray> in Ubuntu |
2150 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2151 | - mdeslaur> a script that installs the Chromium snap |
2152 | -Mitigation: |
2153 | -Bugs: |
2154 | -Priority: medium |
2155 | -Discovered-by: |
2156 | -Assigned-to: |
2157 | -CVSS: |
2158 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL] |
2159 | - |
2160 | - |
2161 | -Patches_chromium-browser: |
2162 | -upstream_chromium-browser: released |
2163 | -trusty_chromium-browser: ignored (end of standard support) |
2164 | -xenial_chromium-browser: ignored (end of standard support) |
2165 | -bionic_chromium-browser: ignored (end of standard support) |
2166 | -focal_chromium-browser: not-affected (code not present) |
2167 | -jammy_chromium-browser: not-affected (code not present) |
2168 | -mantic_chromium-browser: not-affected (code not present) |
2169 | -noble_chromium-browser: not-affected (code not present) |
2170 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2171 | -devel_chromium-browser: not-affected (code not present) |
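Review bot: the nvd vector here is UI:N (9.8 CRITICAL) although the Description says the overflow is reached "via a crafted HTML page", and the Chrome 121.0.6167.139 records in this diff with the same wording are scored UI:R (8.8 HIGH). The field is labelled nvd, so the value can stay as recorded, but a Notes line flagging the discrepancy would stop readers from taking the 9.8 at face value. Priority: medium against a CRITICAL score deserves a one-line justification as well.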
2172 | diff --git a/active/CVE-2024-1284 b/active/CVE-2024-1284 |
2173 | deleted file mode 100644 |
2174 | index 74c0d7e..0000000 |
2175 | --- a/active/CVE-2024-1284 |
2176 | +++ /dev/null |
2177 | @@ -1,36 +0,0 @@ |
2178 | -Candidate: CVE-2024-1284 |
2179 | -PublicDate: 2024-02-07 00:15:00 UTC |
2180 | -References: |
2181 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html |
2182 | - https://issues.chromium.org/issues/41494539 |
2183 | - https://www.cve.org/CVERecord?id=CVE-2024-1284 |
2184 | -Description: |
2185 | - Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a |
2186 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
2187 | - page. (Chromium security severity: High) |
2188 | -Ubuntu-Description: |
2189 | -Notes: |
2190 | - alexmurray> The Debian chromium source package is called chromium-browser |
2191 | - alexmurray> in Ubuntu |
2192 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2193 | - mdeslaur> a script that installs the Chromium snap |
2194 | -Mitigation: |
2195 | -Bugs: |
2196 | -Priority: medium |
2197 | -Discovered-by: |
2198 | -Assigned-to: |
2199 | -CVSS: |
2200 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL] |
2201 | - |
2202 | - |
2203 | -Patches_chromium-browser: |
2204 | -upstream_chromium-browser: released |
2205 | -trusty_chromium-browser: ignored (end of standard support) |
2206 | -xenial_chromium-browser: ignored (end of standard support) |
2207 | -bionic_chromium-browser: ignored (end of standard support) |
2208 | -focal_chromium-browser: not-affected (code not present) |
2209 | -jammy_chromium-browser: not-affected (code not present) |
2210 | -mantic_chromium-browser: not-affected (code not present) |
2211 | -noble_chromium-browser: not-affected (code not present) |
2212 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2213 | -devel_chromium-browser: not-affected (code not present) |
2214 | diff --git a/active/CVE-2024-1488 b/active/CVE-2024-1488 |
2215 | deleted file mode 100644 |
2216 | index a0a3336..0000000 |
2217 | --- a/active/CVE-2024-1488 |
2218 | +++ /dev/null |
2219 | @@ -1,37 +0,0 @@ |
2220 | -Candidate: CVE-2024-1488 |
2221 | -PublicDate: 2024-02-15 05:15:00 UTC |
2222 | -References: |
2223 | - https://bugzilla.redhat.com/show_bug.cgi?id=2264183 |
2224 | - https://www.cve.org/CVERecord?id=CVE-2024-1488 |
2225 | -Description: |
2226 | - A vulnerability was found in Unbound due to incorrect default permissions, |
2227 | - allowing any process outside the unbound group to modify the unbound |
2228 | - runtime configuration. If a process can connect over localhost to port |
2229 | - 8953, it can alter the configuration of unbound.service. This flaw allows |
2230 | - an unprivileged attacker to manipulate a running instance, potentially |
2231 | - altering forwarders, allowing them to track all queries forwarded by the |
2232 | - local resolver, and, in some cases, disrupting resolving altogether. |
2233 | -Ubuntu-Description: |
2234 | -Notes: |
2235 | - mdeslaur> This is an issue specific to Red Hat packaging, Ubuntu is not |
2236 | - mdeslaur> affected by this issue. |
2237 | -Mitigation: |
2238 | -Bugs: |
2239 | -Priority: medium |
2240 | -Discovered-by: |
2241 | -Assigned-to: |
2242 | -CVSS: |
2243 | - |
2244 | -Patches_unbound: |
2245 | -upstream_unbound: not-affected (debian: RedHat specific patch vulnerability) |
2246 | -trusty_unbound: ignored (end of standard support) |
2247 | -trusty/esm_unbound: not-affected |
2248 | -xenial_unbound: ignored (end of standard support) |
2249 | -esm-infra/xenial_unbound: not-affected |
2250 | -bionic_unbound: ignored (end of standard support) |
2251 | -esm-infra/bionic_unbound: not-affected |
2252 | -focal_unbound: not-affected |
2253 | -jammy_unbound: not-affected |
2254 | -mantic_unbound: not-affected |
2255 | -noble_unbound: not-affected |
2256 | -devel_unbound: not-affected |
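Review bot: the per-release lines say only "not-affected" with no reason, while upstream_unbound has "(debian: RedHat specific patch vulnerability)" and mdeslaur's note says the same in prose. Put the reason on each release line, for example "not-affected (RH specific)" as the CVE-2024-1048 record in this diff does, so the status is self-explanatory without reading Notes. CVSS: is also empty.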
2257 | diff --git a/active/CVE-2024-1669 b/active/CVE-2024-1669 |
2258 | deleted file mode 100644 |
2259 | index 0e5f4dc..0000000 |
2260 | --- a/active/CVE-2024-1669 |
2261 | +++ /dev/null |
2262 | @@ -1,34 +0,0 @@ |
2263 | -Candidate: CVE-2024-1669 |
2264 | -PublicDate: 2024-02-21 04:15:00 UTC |
2265 | -References: |
2266 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2267 | - https://issues.chromium.org/issues/41495060 |
2268 | - https://www.cve.org/CVERecord?id=CVE-2024-1669 |
2269 | -Description: |
2270 | - Out of bounds memory access in Blink in Google Chrome prior to |
2271 | - 122.0.6261.57 allowed a remote attacker to perform out of bounds memory |
2272 | - access via a crafted HTML page. (Chromium security severity: High) |
2273 | -Ubuntu-Description: |
2274 | -Notes: |
2275 | - alexmurray> The Debian chromium source package is called chromium-browser |
2276 | - alexmurray> in Ubuntu |
2277 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2278 | - mdeslaur> a script that installs the Chromium snap |
2279 | -Mitigation: |
2280 | -Bugs: |
2281 | -Priority: medium |
2282 | -Discovered-by: |
2283 | -Assigned-to: |
2284 | -CVSS: |
2285 | - |
2286 | -Patches_chromium-browser: |
2287 | -upstream_chromium-browser: released |
2288 | -trusty_chromium-browser: ignored (end of standard support) |
2289 | -xenial_chromium-browser: ignored (end of standard support) |
2290 | -bionic_chromium-browser: ignored (end of standard support) |
2291 | -focal_chromium-browser: not-affected (code not present) |
2292 | -jammy_chromium-browser: not-affected (code not present) |
2293 | -mantic_chromium-browser: not-affected (code not present) |
2294 | -noble_chromium-browser: not-affected (code not present) |
2295 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2296 | -devel_chromium-browser: not-affected (code not present) |
2297 | diff --git a/active/CVE-2024-1670 b/active/CVE-2024-1670 |
2298 | deleted file mode 100644 |
2299 | index 9a2b726..0000000 |
2300 | --- a/active/CVE-2024-1670 |
2301 | +++ /dev/null |
2302 | @@ -1,34 +0,0 @@ |
2303 | -Candidate: CVE-2024-1670 |
2304 | -PublicDate: 2024-02-21 04:15:00 UTC |
2305 | -References: |
2306 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2307 | - https://issues.chromium.org/issues/41481374 |
2308 | - https://www.cve.org/CVERecord?id=CVE-2024-1670 |
2309 | -Description: |
2310 | - Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a |
2311 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
2312 | - page. (Chromium security severity: High) |
2313 | -Ubuntu-Description: |
2314 | -Notes: |
2315 | - alexmurray> The Debian chromium source package is called chromium-browser |
2316 | - alexmurray> in Ubuntu |
2317 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2318 | - mdeslaur> a script that installs the Chromium snap |
2319 | -Mitigation: |
2320 | -Bugs: |
2321 | -Priority: medium |
2322 | -Discovered-by: |
2323 | -Assigned-to: |
2324 | -CVSS: |
2325 | - |
2326 | -Patches_chromium-browser: |
2327 | -upstream_chromium-browser: released |
2328 | -trusty_chromium-browser: ignored (end of standard support) |
2329 | -xenial_chromium-browser: ignored (end of standard support) |
2330 | -bionic_chromium-browser: ignored (end of standard support) |
2331 | -focal_chromium-browser: not-affected (code not present) |
2332 | -jammy_chromium-browser: not-affected (code not present) |
2333 | -mantic_chromium-browser: not-affected (code not present) |
2334 | -noble_chromium-browser: not-affected (code not present) |
2335 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2336 | -devel_chromium-browser: not-affected (code not present) |
2337 | diff --git a/active/CVE-2024-1671 b/active/CVE-2024-1671 |
2338 | deleted file mode 100644 |
2339 | index 195094c..0000000 |
2340 | --- a/active/CVE-2024-1671 |
2341 | +++ /dev/null |
2342 | @@ -1,34 +0,0 @@ |
2343 | -Candidate: CVE-2024-1671 |
2344 | -PublicDate: 2024-02-21 04:15:00 UTC |
2345 | -References: |
2346 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2347 | - https://issues.chromium.org/issues/41487933 |
2348 | - https://www.cve.org/CVERecord?id=CVE-2024-1671 |
2349 | -Description: |
2350 | - Inappropriate implementation in Site Isolation in Google Chrome prior to |
2351 | - 122.0.6261.57 allowed a remote attacker to bypass content security policy |
2352 | - via a crafted HTML page. (Chromium security severity: Medium) |
2353 | -Ubuntu-Description: |
2354 | -Notes: |
2355 | - alexmurray> The Debian chromium source package is called chromium-browser |
2356 | - alexmurray> in Ubuntu |
2357 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2358 | - mdeslaur> a script that installs the Chromium snap |
2359 | -Mitigation: |
2360 | -Bugs: |
2361 | -Priority: medium |
2362 | -Discovered-by: |
2363 | -Assigned-to: |
2364 | -CVSS: |
2365 | - |
2366 | -Patches_chromium-browser: |
2367 | -upstream_chromium-browser: released |
2368 | -trusty_chromium-browser: ignored (end of standard support) |
2369 | -xenial_chromium-browser: ignored (end of standard support) |
2370 | -bionic_chromium-browser: ignored (end of standard support) |
2371 | -focal_chromium-browser: not-affected (code not present) |
2372 | -jammy_chromium-browser: not-affected (code not present) |
2373 | -mantic_chromium-browser: not-affected (code not present) |
2374 | -noble_chromium-browser: not-affected (code not present) |
2375 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2376 | -devel_chromium-browser: not-affected (code not present) |
2377 | diff --git a/active/CVE-2024-1672 b/active/CVE-2024-1672 |
2378 | deleted file mode 100644 |
2379 | index aa04f7a..0000000 |
2380 | --- a/active/CVE-2024-1672 |
2381 | +++ /dev/null |
2382 | @@ -1,34 +0,0 @@ |
2383 | -Candidate: CVE-2024-1672 |
2384 | -PublicDate: 2024-02-21 04:15:00 UTC |
2385 | -References: |
2386 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2387 | - https://issues.chromium.org/issues/41485789 |
2388 | - https://www.cve.org/CVERecord?id=CVE-2024-1672 |
2389 | -Description: |
2390 | - Inappropriate implementation in Content Security Policy in Google Chrome |
2391 | - prior to 122.0.6261.57 allowed a remote attacker to bypass content security |
2392 | - policy via a crafted HTML page. (Chromium security severity: Medium) |
2393 | -Ubuntu-Description: |
2394 | -Notes: |
2395 | - alexmurray> The Debian chromium source package is called chromium-browser |
2396 | - alexmurray> in Ubuntu |
2397 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2398 | - mdeslaur> a script that installs the Chromium snap |
2399 | -Mitigation: |
2400 | -Bugs: |
2401 | -Priority: medium |
2402 | -Discovered-by: |
2403 | -Assigned-to: |
2404 | -CVSS: |
2405 | - |
2406 | -Patches_chromium-browser: |
2407 | -upstream_chromium-browser: released |
2408 | -trusty_chromium-browser: ignored (end of standard support) |
2409 | -xenial_chromium-browser: ignored (end of standard support) |
2410 | -bionic_chromium-browser: ignored (end of standard support) |
2411 | -focal_chromium-browser: not-affected (code not present) |
2412 | -jammy_chromium-browser: not-affected (code not present) |
2413 | -mantic_chromium-browser: not-affected (code not present) |
2414 | -noble_chromium-browser: not-affected (code not present) |
2415 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2416 | -devel_chromium-browser: not-affected (code not present) |
2417 | diff --git a/active/CVE-2024-1673 b/active/CVE-2024-1673 |
2418 | deleted file mode 100644 |
2419 | index 47bf229..0000000 |
2420 | --- a/active/CVE-2024-1673 |
2421 | +++ /dev/null |
2422 | @@ -1,35 +0,0 @@ |
2423 | -Candidate: CVE-2024-1673 |
2424 | -PublicDate: 2024-02-21 04:15:00 UTC |
2425 | -References: |
2426 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2427 | - https://issues.chromium.org/issues/41490491 |
2428 | - https://www.cve.org/CVERecord?id=CVE-2024-1673 |
2429 | -Description: |
2430 | - Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 |
2431 | - allowed a remote attacker who had compromised the renderer process to |
2432 | - potentially exploit heap corruption via specific UI gestures. (Chromium |
2433 | - security severity: Medium) |
2434 | -Ubuntu-Description: |
2435 | -Notes: |
2436 | - alexmurray> The Debian chromium source package is called chromium-browser |
2437 | - alexmurray> in Ubuntu |
2438 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2439 | - mdeslaur> a script that installs the Chromium snap |
2440 | -Mitigation: |
2441 | -Bugs: |
2442 | -Priority: medium |
2443 | -Discovered-by: |
2444 | -Assigned-to: |
2445 | -CVSS: |
2446 | - |
2447 | -Patches_chromium-browser: |
2448 | -upstream_chromium-browser: released |
2449 | -trusty_chromium-browser: ignored (end of standard support) |
2450 | -xenial_chromium-browser: ignored (end of standard support) |
2451 | -bionic_chromium-browser: ignored (end of standard support) |
2452 | -focal_chromium-browser: not-affected (code not present) |
2453 | -jammy_chromium-browser: not-affected (code not present) |
2454 | -mantic_chromium-browser: not-affected (code not present) |
2455 | -noble_chromium-browser: not-affected (code not present) |
2456 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2457 | -devel_chromium-browser: not-affected (code not present) |
2458 | diff --git a/active/CVE-2024-1674 b/active/CVE-2024-1674 |
2459 | deleted file mode 100644 |
2460 | index 7f79375..0000000 |
2461 | --- a/active/CVE-2024-1674 |
2462 | +++ /dev/null |
2463 | @@ -1,34 +0,0 @@ |
2464 | -Candidate: CVE-2024-1674 |
2465 | -PublicDate: 2024-02-21 04:15:00 UTC |
2466 | -References: |
2467 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2468 | - https://issues.chromium.org/issues/40095183 |
2469 | - https://www.cve.org/CVERecord?id=CVE-2024-1674 |
2470 | -Description: |
2471 | - Inappropriate implementation in Navigation in Google Chrome prior to |
2472 | - 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions |
2473 | - via a crafted HTML page. (Chromium security severity: Medium) |
2474 | -Ubuntu-Description: |
2475 | -Notes: |
2476 | - alexmurray> The Debian chromium source package is called chromium-browser |
2477 | - alexmurray> in Ubuntu |
2478 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2479 | - mdeslaur> a script that installs the Chromium snap |
2480 | -Mitigation: |
2481 | -Bugs: |
2482 | -Priority: medium |
2483 | -Discovered-by: |
2484 | -Assigned-to: |
2485 | -CVSS: |
2486 | - |
2487 | -Patches_chromium-browser: |
2488 | -upstream_chromium-browser: released |
2489 | -trusty_chromium-browser: ignored (end of standard support) |
2490 | -xenial_chromium-browser: ignored (end of standard support) |
2491 | -bionic_chromium-browser: ignored (end of standard support) |
2492 | -focal_chromium-browser: not-affected (code not present) |
2493 | -jammy_chromium-browser: not-affected (code not present) |
2494 | -mantic_chromium-browser: not-affected (code not present) |
2495 | -noble_chromium-browser: not-affected (code not present) |
2496 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2497 | -devel_chromium-browser: not-affected (code not present) |
2498 | diff --git a/active/CVE-2024-1675 b/active/CVE-2024-1675 |
2499 | deleted file mode 100644 |
2500 | index c4b5dce..0000000 |
2501 | --- a/active/CVE-2024-1675 |
2502 | +++ /dev/null |
2503 | @@ -1,34 +0,0 @@ |
2504 | -Candidate: CVE-2024-1675 |
2505 | -PublicDate: 2024-02-21 04:15:00 UTC |
2506 | -References: |
2507 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2508 | - https://issues.chromium.org/issues/41486208 |
2509 | - https://www.cve.org/CVERecord?id=CVE-2024-1675 |
2510 | -Description: |
2511 | - Insufficient policy enforcement in Download in Google Chrome prior to |
2512 | - 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions |
2513 | - via a crafted HTML page. (Chromium security severity: Medium) |
2514 | -Ubuntu-Description: |
2515 | -Notes: |
2516 | - alexmurray> The Debian chromium source package is called chromium-browser |
2517 | - alexmurray> in Ubuntu |
2518 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2519 | - mdeslaur> a script that installs the Chromium snap |
2520 | -Mitigation: |
2521 | -Bugs: |
2522 | -Priority: medium |
2523 | -Discovered-by: |
2524 | -Assigned-to: |
2525 | -CVSS: |
2526 | - |
2527 | -Patches_chromium-browser: |
2528 | -upstream_chromium-browser: released |
2529 | -trusty_chromium-browser: ignored (end of standard support) |
2530 | -xenial_chromium-browser: ignored (end of standard support) |
2531 | -bionic_chromium-browser: ignored (end of standard support) |
2532 | -focal_chromium-browser: not-affected (code not present) |
2533 | -jammy_chromium-browser: not-affected (code not present) |
2534 | -mantic_chromium-browser: not-affected (code not present) |
2535 | -noble_chromium-browser: not-affected (code not present) |
2536 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2537 | -devel_chromium-browser: not-affected (code not present) |
2538 | diff --git a/active/CVE-2024-1676 b/active/CVE-2024-1676 |
2539 | deleted file mode 100644 |
2540 | index 8b28843..0000000 |
2541 | --- a/active/CVE-2024-1676 |
2542 | +++ /dev/null |
2543 | @@ -1,34 +0,0 @@ |
2544 | -Candidate: CVE-2024-1676 |
2545 | -PublicDate: 2024-02-21 04:15:00 UTC |
2546 | -References: |
2547 | - https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html |
2548 | - https://issues.chromium.org/issues/40944847 |
2549 | - https://www.cve.org/CVERecord?id=CVE-2024-1676 |
2550 | -Description: |
2551 | - Inappropriate implementation in Navigation in Google Chrome prior to |
2552 | - 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted |
2553 | - HTML page. (Chromium security severity: Low) |
2554 | -Ubuntu-Description: |
2555 | -Notes: |
2556 | - alexmurray> The Debian chromium source package is called chromium-browser |
2557 | - alexmurray> in Ubuntu |
2558 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2559 | - mdeslaur> a script that installs the Chromium snap |
2560 | -Mitigation: |
2561 | -Bugs: |
2562 | -Priority: medium |
2563 | -Discovered-by: |
2564 | -Assigned-to: |
2565 | -CVSS: |
2566 | - |
2567 | -Patches_chromium-browser: |
2568 | -upstream_chromium-browser: released (122.0.6261.57) |
2569 | -trusty_chromium-browser: ignored (end of standard support) |
2570 | -xenial_chromium-browser: ignored (end of standard support) |
2571 | -bionic_chromium-browser: ignored (end of standard support) |
2572 | -focal_chromium-browser: not-affected (code not present) |
2573 | -jammy_chromium-browser: not-affected (code not present) |
2574 | -mantic_chromium-browser: not-affected (code not present) |
2575 | -noble_chromium-browser: not-affected (code not present) |
2576 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2577 | -devel_chromium-browser: not-affected (code not present) |
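Review bot: Priority: medium does not line up with the Description, which ends "(Chromium security severity: Low)" for a security-UI spoof. Either lower it to low or add a Notes line explaining why medium is kept; as written the two fields contradict each other with no rationale. CVSS: is empty, so there is no score to fall back on.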
2578 | diff --git a/active/CVE-2024-1874 b/active/CVE-2024-1874 |
2579 | deleted file mode 100644 |
2580 | index 89ccbb7..0000000 |
2581 | --- a/active/CVE-2024-1874 |
2582 | +++ /dev/null |
2583 | @@ -1,86 +0,0 @@ |
2584 | -Candidate: CVE-2024-1874 |
2585 | -PublicDate: 2024-04-16 |
2586 | -References: |
2587 | - https://www.cve.org/CVERecord?id=CVE-2024-1874 |
2588 | - https://github.com/php/php-src/security/advisories/GHSA-pc52-254m-w9w7 |
2589 | - https://github.com/php/php-src/commit/e3c784f2bfb6029b49d27783b2efc87ee6923f79 |
2590 | -Description: |
2591 | - Command injection via array-ish $command parameter of proc_open |
2592 | -Ubuntu-Description: |
2593 | -Notes: |
2594 | - leosilva> from debian "Only affects improper handling of command line arguments on Windows" |
2595 | - sbeattie> PEAR issues should go against php-pear as of xenial |
2596 | -Mitigation: |
2597 | -Bugs: |
2598 | -Priority: medium |
2599 | -Discovered-by: |
2600 | -Assigned-to: |
2601 | -CVSS: |
2602 | - |
2603 | -Patches_php5: |
2604 | -upstream_php5: needs-triage |
2605 | -trusty/esm_php5: not-affected |
2606 | -focal_php5: DNE |
2607 | -jammy_php5: DNE |
2608 | -mantic_php5: DNE |
2609 | -noble_php5: DNE |
2610 | -devel_php5: DNE |
2611 | - |
2612 | -Patches_php7.0: |
2613 | -upstream_php7.0: needs-triage |
2614 | -esm-infra/xenial_php7.0: not-affected |
2615 | -focal_php7.0: DNE |
2616 | -jammy_php7.0: DNE |
2617 | -mantic_php7.0: DNE |
2618 | -noble_php7.0: DNE |
2619 | -devel_php7.0: DNE |
2620 | - |
2621 | -Patches_php7.2: |
2622 | -upstream_php7.2: needs-triage |
2623 | -esm-infra/bionic_php7.2: not-affected |
2624 | -focal_php7.2: DNE |
2625 | -jammy_php7.2: DNE |
2626 | -mantic_php7.2: DNE |
2627 | -noble_php7.2: DNE |
2628 | -devel_php7.2: DNE |
2629 | - |
2630 | -Patches_php7.4: |
2631 | -upstream_php7.4: needs-triage |
2632 | -focal_php7.4: not-affected |
2633 | -jammy_php7.4: DNE |
2634 | -mantic_php7.4: DNE |
2635 | -noble_php7.4: DNE |
2636 | -devel_php7.4: DNE |
2637 | - |
2638 | -Patches_php8.1: |
2639 | -upstream_php8.1: released (8.1.28) |
2640 | -focal_php8.1: DNE |
2641 | -jammy_php8.1: not-affected |
2642 | -mantic_php8.1: DNE |
2643 | -noble_php8.1: DNE |
2644 | -devel_php8.1: DNE |
2645 | - |
2646 | -Patches_php8.2: |
2647 | -upstream_php8.2: released (8.2.18) |
2648 | -trusty_php8.2: DNE |
2649 | -trusty/esm_php8.2: DNE |
2650 | -xenial_php8.2: DNE |
2651 | -bionic_php8.2: DNE |
2652 | -focal_php8.2: DNE |
2653 | -jammy_php8.2: DNE |
2654 | -mantic_php8.2: not-affected |
2655 | -noble_php8.2: DNE |
2656 | -devel_php8.2: DNE |
2657 | - |
2658 | -Patches_php8.3: |
2659 | -upstream_php8.3: released (8.3.6) |
2660 | -trusty_php8.3: DNE |
2661 | -trusty/esm_php8.3: DNE |
2662 | -xenial_php8.3: DNE |
2663 | -bionic_php8.3: DNE |
2664 | -focal_php8.3: DNE |
2665 | -jammy_php8.3: DNE |
2666 | -mantic_php8.3: DNE |
2667 | -noble_php8.3: not-affected |
2668 | -devel_php8.3: not-affected |
2669 | - |
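Review bot: The Notes entry "sbeattie> PEAR issues should go against php-pear as of xenial" does not relate to the proc_open command-injection issue described here and reads like template text carried over from the php boilerplate. Consider dropping it from the retired copy so that leosilva's Windows-only note, which is the actual rationale for the not-affected statuses, stands on its own. The upstream_php5, upstream_php7.0, upstream_php7.2 and upstream_php7.4 lines are also still needs-triage, while the 8.x upstream lines carry released versions.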
2670 | diff --git a/active/CVE-2024-1899 b/active/CVE-2024-1899 |
2671 | deleted file mode 100644 |
2672 | index e656f99..0000000 |
2673 | --- a/active/CVE-2024-1899 |
2674 | +++ /dev/null |
2675 | @@ -1,28 +0,0 @@ |
2676 | -Candidate: CVE-2024-1899 |
2677 | -PublicDate: 2024-02-26 19:15:00 UTC |
2678 | -References: |
2679 | - https://www.tenable.com/security/research/tra-2024-05 |
2680 | - https://www.cve.org/CVERecord?id=CVE-2024-1899 |
2681 | -Description: |
2682 | - An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could |
2683 | - allow a remote attacker to cause denial of service conditions. |
2684 | - |
2685 | -Ubuntu-Description: |
2686 | -Notes: |
2687 | -Mitigation: |
2688 | -Bugs: |
2689 | -Priority: medium |
2690 | -Discovered-by: |
2691 | -Assigned-to: |
2692 | -CVSS: |
2693 | - |
2694 | -Patches_showdown: |
2695 | -upstream_showdown: needs-triage |
2696 | -trusty_showdown: ignored (end of standard support) |
2697 | -xenial_showdown: DNE |
2698 | -bionic_showdown: DNE |
2699 | -focal_showdown: DNE |
2700 | -jammy_showdown: DNE |
2701 | -mantic_showdown: DNE |
2702 | -noble_showdown: DNE |
2703 | -devel_showdown: DNE |
2704 | diff --git a/active/CVE-2024-1936 b/active/CVE-2024-1936 |
2705 | deleted file mode 100644 |
2706 | index 4213417..0000000 |
2707 | --- a/active/CVE-2024-1936 |
2708 | +++ /dev/null |
2709 | @@ -1,33 +0,0 @@ |
2710 | -Candidate: CVE-2024-1936 |
2711 | -PublicDate: 2024-03-04 22:15:00 UTC |
2712 | -References: |
2713 | - https://www.mozilla.org/en-US/security/advisories/mfsa2024-11/#CVE-2024-1936 |
2714 | - https://bugzilla.mozilla.org/show_bug.cgi?id=1860977 |
2715 | - https://www.mozilla.org/security/advisories/mfsa2024-11/ |
2716 | - https://www.cve.org/CVERecord?id=CVE-2024-1936 |
2717 | -Description: |
2718 | - The encrypted subject of an email message could be incorrectly and |
2719 | - permanently assigned to an arbitrary other email message in Thunderbird's |
2720 | - local cache. Consequently, when replying to the contaminated email message, |
2721 | - the user might accidentally leak the confidential subject to a third party. |
2722 | - While this update fixes the bug and avoids future message contamination, it |
2723 | - does not automatically repair existing contaminations. Users are advised to |
2724 | - use the repair folder functionality, which is available from the context |
2725 | - menu of email folders, which will erase incorrect subject assignments. This |
2726 | - vulnerability affects Thunderbird < 115.8.1. |
2727 | -Ubuntu-Description: |
2728 | -Notes: |
2729 | -Mitigation: |
2730 | -Bugs: |
2731 | -Priority: medium |
2732 | -Discovered-by: |
2733 | -Assigned-to: |
2734 | -CVSS: |
2735 | - |
2736 | -Patches_thunderbird: |
2737 | -upstream_thunderbird: released (1:115.8.1-1) |
2738 | -focal_thunderbird: released (1:115.8.1+build1-0ubuntu0.20.04.1) |
2739 | -jammy_thunderbird: released (1:115.8.1+build1-0ubuntu0.22.04.1) |
2740 | -mantic_thunderbird: released (115.8.1+build1-0ubuntu0.23.10.1) |
2741 | -noble_thunderbird: not-affected |
2742 | -devel_thunderbird: not-affected |
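Review bot: The version string on mantic_thunderbird, "released (115.8.1+build1-0ubuntu0.23.10.1)", has no "1:" epoch, while upstream_thunderbird, focal_thunderbird and jammy_thunderbird all record "1:115.8.1...". Please confirm the mantic version against the archive and make the epoch consistent in the retired copy, since version comparisons against this field will differ with and without the epoch.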
2743 | diff --git a/active/CVE-2024-1938 b/active/CVE-2024-1938 |
2744 | deleted file mode 100644 |
2745 | index 545e402..0000000 |
2746 | --- a/active/CVE-2024-1938 |
2747 | +++ /dev/null |
2748 | @@ -1,32 +0,0 @@ |
2749 | -Candidate: CVE-2024-1938 |
2750 | -PublicDate: 2024-02-29 01:43:00 UTC |
2751 | -References: |
2752 | - https://www.cve.org/CVERecord?id=CVE-2024-1938 |
2753 | -Description: |
2754 | - Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a |
2755 | - remote attacker to potentially exploit object corruption via a crafted HTML |
2756 | - page. (Chromium security severity: High) |
2757 | -Ubuntu-Description: |
2758 | -Notes: |
2759 | - alexmurray> The Debian chromium source package is called chromium-browser |
2760 | - alexmurray> in Ubuntu |
2761 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2762 | - mdeslaur> a script that installs the Chromium snap |
2763 | -Mitigation: |
2764 | -Bugs: |
2765 | -Priority: medium |
2766 | -Discovered-by: |
2767 | -Assigned-to: |
2768 | -CVSS: |
2769 | - |
2770 | -Patches_chromium-browser: |
2771 | -upstream_chromium-browser: released |
2772 | -trusty_chromium-browser: ignored (end of standard support) |
2773 | -xenial_chromium-browser: ignored (end of standard support) |
2774 | -bionic_chromium-browser: ignored (end of standard support) |
2775 | -focal_chromium-browser: not-affected (code not present) |
2776 | -jammy_chromium-browser: not-affected (code not present) |
2777 | -mantic_chromium-browser: not-affected (code not present) |
2778 | -noble_chromium-browser: not-affected (code not present) |
2779 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2780 | -devel_chromium-browser: not-affected (code not present) |
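Review bot: References lists only the cve.org record, so the "prior to 122.0.6261.94" claim in the Description has no upstream source attached. Other chromium-browser entries in this same merge carry the Chrome release-blog post and the Chromium issue link; adding the equivalents here would make the retired record verifiable without leaving the tracker.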
2781 | diff --git a/active/CVE-2024-1939 b/active/CVE-2024-1939 |
2782 | deleted file mode 100644 |
2783 | index a892364..0000000 |
2784 | --- a/active/CVE-2024-1939 |
2785 | +++ /dev/null |
2786 | @@ -1,32 +0,0 @@ |
2787 | -Candidate: CVE-2024-1939 |
2788 | -PublicDate: 2024-02-29 01:43:00 UTC |
2789 | -References: |
2790 | - https://www.cve.org/CVERecord?id=CVE-2024-1939 |
2791 | -Description: |
2792 | - Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a |
2793 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
2794 | - page. (Chromium security severity: High) |
2795 | -Ubuntu-Description: |
2796 | -Notes: |
2797 | - alexmurray> The Debian chromium source package is called chromium-browser |
2798 | - alexmurray> in Ubuntu |
2799 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
2800 | - mdeslaur> a script that installs the Chromium snap |
2801 | -Mitigation: |
2802 | -Bugs: |
2803 | -Priority: medium |
2804 | -Discovered-by: |
2805 | -Assigned-to: |
2806 | -CVSS: |
2807 | - |
2808 | -Patches_chromium-browser: |
2809 | -upstream_chromium-browser: released |
2810 | -trusty_chromium-browser: ignored (end of standard support) |
2811 | -xenial_chromium-browser: ignored (end of standard support) |
2812 | -bionic_chromium-browser: ignored (end of standard support) |
2813 | -focal_chromium-browser: not-affected (code not present) |
2814 | -jammy_chromium-browser: not-affected (code not present) |
2815 | -mantic_chromium-browser: not-affected (code not present) |
2816 | -noble_chromium-browser: not-affected (code not present) |
2817 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
2818 | -devel_chromium-browser: not-affected (code not present) |
2819 | diff --git a/active/CVE-2024-2004 b/active/CVE-2024-2004 |
2820 | deleted file mode 100644 |
2821 | index 6fe3aeb..0000000 |
2822 | --- a/active/CVE-2024-2004 |
2823 | +++ /dev/null |
2824 | @@ -1,41 +0,0 @@ |
2825 | -PublicDateAtUSN: 2024-03-27 07:00:00 UTC |
2826 | -Candidate: CVE-2024-2004 |
2827 | -PublicDate: 2024-03-27 08:15:00 UTC |
2828 | -CRD: 2024-03-27 07:00:00 UTC |
2829 | -References: |
2830 | - https://curl.se/docs/CVE-2024-2004.html |
2831 | - https://ubuntu.com/security/notices/USN-6718-1 |
2832 | - https://www.cve.org/CVERecord?id=CVE-2024-2004 |
2833 | - https://ubuntu.com/security/notices/USN-6718-3 |
2834 | -Description: |
2835 | - When a protocol selection parameter option disables all protocols without |
2836 | - adding any then the default set of protocols would remain in the allowed |
2837 | - set due to an error in the logic for removing protocols. The below command |
2838 | - would perform a request to curl.se with a plaintext protocol which has been |
2839 | - explicitly disabled. curl --proto -all,-http http://curl.se The flaw |
2840 | - is only present if the set of selected protocols disables the entire set of |
2841 | - available protocols, in itself a command with no practical use and |
2842 | - therefore unlikely to be encountered in real situations. The curl security |
2843 | - team has thus assessed this to be low severity bug. |
2844 | -Ubuntu-Description: |
2845 | -Notes: |
2846 | - mdeslaur> affects curl 7.85.0 to and including 8.6.0 |
2847 | -Mitigation: |
2848 | -Bugs: |
2849 | -Priority: low |
2850 | - Upstream developers consider this a low severity issue |
2851 | -Discovered-by: Dan Fandrich |
2852 | -Assigned-to: |
2853 | -CVSS: |
2854 | - |
2855 | -Patches_curl: |
2856 | - upstream: https://github.com/curl/curl/commit/17d302e56221 |
2857 | -upstream_curl: released (8.7.0) |
2858 | -trusty/esm_curl: not-affected |
2859 | -esm-infra/xenial_curl: not-affected |
2860 | -esm-infra/bionic_curl: not-affected |
2861 | -focal_curl: not-affected (7.68.0-1ubuntu2.21) |
2862 | -jammy_curl: not-affected (7.81.0-1ubuntu1.15) |
2863 | -mantic_curl: released (8.2.1-1ubuntu3.3) |
2864 | -noble_curl: released (8.5.0-2ubuntu10.1) |
2865 | -devel_curl: released (8.5.0-2ubuntu10.1) |
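Review bot: The trusty/esm_curl, esm-infra/xenial_curl and esm-infra/bionic_curl lines are bare "not-affected" with no reason, while focal_curl and jammy_curl record the unaffected version. Given mdeslaur's note that the issue affects curl 7.85.0 through 8.6.0, it would help to record the reason on the ESM lines too (a version, or "code not present") so the retired entry explains why they were closed.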
2866 | diff --git a/active/CVE-2024-20290 b/active/CVE-2024-20290 |
2867 | deleted file mode 100644 |
2868 | index ba764ee..0000000 |
2869 | --- a/active/CVE-2024-20290 |
2870 | +++ /dev/null |
2871 | @@ -1,44 +0,0 @@ |
2872 | -PublicDateAtUSN: 2024-02-07 17:15:00 UTC |
2873 | -Candidate: CVE-2024-20290 |
2874 | -PublicDate: 2024-02-07 17:15:00 UTC |
2875 | -References: |
2876 | - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-hDffu6t |
2877 | - https://blog.clamav.net/2023/11/clamav-130-122-105-released.html |
2878 | - https://ubuntu.com/security/notices/USN-6636-1 |
2879 | - https://www.cve.org/CVERecord?id=CVE-2024-20290 |
2880 | -Description: |
2881 | - A vulnerability in the OLE2 file format parser of ClamAV could allow an |
2882 | - unauthenticated, remote attacker to cause a denial of service (DoS) |
2883 | - condition on an affected device. This vulnerability is due to an incorrect |
2884 | - check for end-of-string values during scanning, which may result in a heap |
2885 | - buffer over-read. An attacker could exploit this vulnerability by |
2886 | - submitting a crafted file containing OLE2 content to be scanned by ClamAV |
2887 | - on an affected device. A successful exploit could allow the attacker to |
2888 | - cause the ClamAV scanning process to terminate, resulting in a DoS |
2889 | - condition on the affected software and consuming available system |
2890 | - resources. For a description of this vulnerability, see the ClamAV blog . |
2891 | -Ubuntu-Description: |
2892 | -Notes: |
2893 | - mdeslaur> doesn't appear to affect 0.103.x |
2894 | -Mitigation: |
2895 | -Bugs: |
2896 | -Priority: medium |
2897 | -Discovered-by: |
2898 | -Assigned-to: |
2899 | -CVSS: |
2900 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
2901 | - |
2902 | - |
2903 | -Patches_clamav: |
2904 | -upstream_clamav: needs-triage |
2905 | -trusty_clamav: ignored (end of standard support) |
2906 | -trusty/esm_clamav: not-affected (code not present) |
2907 | -xenial_clamav: ignored (end of standard support) |
2908 | -esm-infra/xenial_clamav: not-affected (code not present) |
2909 | -bionic_clamav: ignored (end of standard support) |
2910 | -esm-infra/bionic_clamav: not-affected (code not present) |
2911 | -focal_clamav: not-affected (0.103.11+dfsg-0ubuntu0.20.04.1) |
2912 | -jammy_clamav: not-affected (0.103.11+dfsg-0ubuntu0.22.04.1) |
2913 | -mantic_clamav: released (1.0.5+dfsg-0ubuntu0.23.10.1) |
2914 | -noble_clamav: released (1.0.5+dfsg-1ubuntu1) |
2915 | -devel_clamav: released (1.0.5+dfsg-1ubuntu1) |
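Review bot: upstream_clamav is still "needs-triage" although mantic, noble and devel all record a released fix at 1.0.5, and the CVE-2024-20328 entry in this same merge, which cites the same ClamAV blog post, has "upstream_clamav: released (1.0.5+dfsg-1)". Suggest setting the upstream status to match before the file is retired. The Description also ends with "see the ClamAV blog ." where the link text was lost, and there are two blank lines after the CVSS block.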
2916 | diff --git a/active/CVE-2024-20328 b/active/CVE-2024-20328 |
2917 | deleted file mode 100644 |
2918 | index 22962c6..0000000 |
2919 | --- a/active/CVE-2024-20328 |
2920 | +++ /dev/null |
2921 | @@ -1,41 +0,0 @@ |
2922 | -PublicDateAtUSN: 2024-02-09 |
2923 | -Candidate: CVE-2024-20328 |
2924 | -PublicDate: 2024-03-01 21:15:00 UTC |
2925 | -References: |
2926 | - https://blog.clamav.net/2023/11/clamav-130-122-105-released.html |
2927 | - https://ubuntu.com/security/notices/USN-6636-1 |
2928 | - https://www.cve.org/CVERecord?id=CVE-2024-20328 |
2929 | -Description: |
2930 | - A vulnerability in the VirusEvent feature of ClamAV could allow a local |
2931 | - attacker to inject arbitrary commands with the privileges of the |
2932 | - application service account.The vulnerability is due to unsafe handling of |
2933 | - file names. A local attacker could exploit this vulnerability by supplying |
2934 | - a file name containing command-line sequences. When processed on a system |
2935 | - using configuration options for the VirusEvent feature, the attacker could |
2936 | - cause the application to execute arbitrary commands. ClamAV has released |
2937 | - software updates that address this vulnerability. There are no workarounds |
2938 | - that address this vulnerability. |
2939 | -Ubuntu-Description: |
2940 | -Notes: |
2941 | - mdeslaur> doesn't appear to affect 0.103.x |
2942 | -Mitigation: |
2943 | -Bugs: |
2944 | - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063479 |
2945 | -Priority: medium |
2946 | -Discovered-by: Amit Schendel |
2947 | -Assigned-to: |
2948 | -CVSS: |
2949 | - |
2950 | -Patches_clamav: |
2951 | -upstream_clamav: released (1.0.5+dfsg-1) |
2952 | -trusty_clamav: ignored (end of standard support) |
2953 | -trusty/esm_clamav: not-affected |
2954 | -xenial_clamav: ignored (end of standard support) |
2955 | -esm-infra/xenial_clamav: not-affected |
2956 | -bionic_clamav: ignored (end of standard support) |
2957 | -esm-infra/bionic_clamav: not-affected |
2958 | -focal_clamav: not-affected (0.103.11+dfsg-0ubuntu0.20.04.1) |
2959 | -jammy_clamav: not-affected (0.103.11+dfsg-0ubuntu0.22.04.1) |
2960 | -mantic_clamav: released (1.0.5+dfsg-0ubuntu0.23.10.1) |
2961 | -noble_clamav: released (1.0.5+dfsg-1ubuntu1) |
2962 | -devel_clamav: released (1.0.5+dfsg-1ubuntu1) |
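Review bot: PublicDateAtUSN is "2024-02-09" with no time or "UTC", unlike PublicDate on the next-but-one line and the PublicDateAtUSN fields in the neighbouring entries, which all use "YYYY-MM-DD HH:MM:SS UTC". Please normalise it so date parsing is uniform. In the Description, "service account.The vulnerability" is missing a space after the full stop.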
2963 | diff --git a/active/CVE-2024-20380 b/active/CVE-2024-20380 |
2964 | deleted file mode 100644 |
2965 | index 8046a54..0000000 |
2966 | --- a/active/CVE-2024-20380 |
2967 | +++ /dev/null |
2968 | @@ -1,36 +0,0 @@ |
2969 | -Candidate: CVE-2024-20380 |
2970 | -PublicDate: 2024-04-18 20:15:00 UTC |
2971 | -References: |
2972 | - https://www.cve.org/CVERecord?id=CVE-2024-20380 |
2973 | - https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html |
2974 | -Description: |
2975 | - A vulnerability in the HTML parser of ClamAV could allow an |
2976 | - unauthenticated, remote attacker to cause a denial of service (DoS) |
2977 | - condition on an affected device. |
2978 | - The vulnerability is due to an issue in the C to Rust foreign function |
2979 | - interface. An attacker could exploit this vulnerability by submitting a |
2980 | - crafted file containing HTML content to be scanned by ClamAV on an affected |
2981 | - device. An exploit could allow the attacker to cause the ClamAV scanning |
2982 | - process to terminate, resulting in a DoS condition on the affected |
2983 | - software. |
2984 | -Ubuntu-Description: |
2985 | -Notes: |
2986 | - mdeslaur> per upstream "This issue affects version 1.3.0 only and does not |
2987 | - mdeslaur> affect prior versions." |
2988 | -Mitigation: |
2989 | -Bugs: |
2990 | -Priority: medium |
2991 | -Discovered-by: |
2992 | -Assigned-to: |
2993 | -CVSS: |
2994 | - |
2995 | -Patches_clamav: |
2996 | -upstream_clamav: needs-triage |
2997 | -trusty/esm_clamav: not-affected (1.3.0 only) |
2998 | -esm-infra/xenial_clamav: not-affected (1.3.0 only) |
2999 | -esm-infra/bionic_clamav: not-affected (1.3.0 only) |
3000 | -focal_clamav: not-affected (1.3.0 only) |
3001 | -jammy_clamav: not-affected (1.3.0 only) |
3002 | -mantic_clamav: not-affected (1.3.0 only) |
3003 | -noble_clamav: not-affected (1.3.0 only) |
3004 | -devel_clamav: not-affected (1.3.0 only) |
3005 | diff --git a/active/CVE-2024-20932 b/active/CVE-2024-20932 |
3006 | deleted file mode 100644 |
3007 | index 24fdec6..0000000 |
3008 | --- a/active/CVE-2024-20932 |
3009 | +++ /dev/null |
3010 | @@ -1,180 +0,0 @@ |
3011 | -PublicDateAtUSN: 2024-01-16 22:15:00 UTC |
3012 | -Candidate: CVE-2024-20932 |
3013 | -PublicDate: 2024-01-16 22:15:00 UTC |
3014 | -References: |
3015 | - https://www.oracle.com/security-alerts/cpujan2024.html |
3016 | - https://ubuntu.com/security/notices/USN-6661-1 |
3017 | - https://www.cve.org/CVERecord?id=CVE-2024-20932 |
3018 | -Description: |
3019 | - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM |
3020 | - Enterprise Edition product of Oracle Java SE (component: Security). |
3021 | - Supported versions that are affected are Oracle Java SE: 17.0.9; Oracle |
3022 | - GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 21.3.8 and |
3023 | - 22.3.4. Easily exploitable vulnerability allows unauthenticated attacker |
3024 | - with network access via multiple protocols to compromise Oracle Java SE, |
3025 | - Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful |
3026 | - attacks of this vulnerability can result in unauthorized creation, deletion |
3027 | - or modification access to critical data or all Oracle Java SE, Oracle |
3028 | - GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: |
3029 | - This vulnerability applies to Java deployments, typically in clients |
3030 | - running sandboxed Java Web Start applications or sandboxed Java applets, |
3031 | - that load and run untrusted code (e.g., code that comes from the internet) |
3032 | - and rely on the Java sandbox for security. This vulnerability does not |
3033 | - apply to Java deployments, typically in servers, that load and run only |
3034 | - trusted code (e.g., code installed by an administrator). CVSS 3.1 Base |
3035 | - Score 7.5 (Integrity impacts). CVSS Vector: |
3036 | - (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). |
3037 | -Ubuntu-Description: |
3038 | -Notes: |
3039 | -Mitigation: |
3040 | -Bugs: |
3041 | -Priority: medium |
3042 | -Discovered-by: |
3043 | -Assigned-to: |
3044 | -CVSS: |
3045 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N [7.5 HIGH] |
3046 | - |
3047 | -Patches_openjdk-8: |
3048 | -upstream_openjdk-8: needs-triage |
3049 | -trusty_openjdk-8: DNE |
3050 | -xenial_openjdk-8: ignored (end of standard support) |
3051 | -esm-infra/xenial_openjdk-8: not-affected (code not present) |
3052 | -bionic_openjdk-8: ignored (end of standard support) |
3053 | -esm-apps/bionic_openjdk-8: not-affected (code not present) |
3054 | -focal_openjdk-8: not-affected (code not present) |
3055 | -esm-apps/focal_openjdk-8: not-affected (code not present) |
3056 | -jammy_openjdk-8: not-affected (code not present) |
3057 | -esm-apps/jammy_openjdk-8: not-affected (code not present) |
3058 | -lunar_openjdk-8: ignored (end of life, was needs-triage) |
3059 | -mantic_openjdk-8: not-affected (code not present) |
3060 | -noble_openjdk-8: not-affected (code not present) |
3061 | -esm-apps/noble_openjdk-8: not-affected (code not present) |
3062 | -devel_openjdk-8: not-affected (code not present) |
3063 | - |
3064 | -Patches_openjdk-9: |
3065 | -upstream_openjdk-9: needs-triage |
3066 | -trusty_openjdk-9: DNE |
3067 | -xenial_openjdk-9: ignored (end of standard support) |
3068 | -esm-apps/xenial_openjdk-9: ignored (no longer supported by upstream) |
3069 | -bionic_openjdk-9: DNE |
3070 | -focal_openjdk-9: DNE |
3071 | -jammy_openjdk-9: DNE |
3072 | -lunar_openjdk-9: DNE |
3073 | -mantic_openjdk-9: DNE |
3074 | -noble_openjdk-9: DNE |
3075 | -devel_openjdk-9: DNE |
3076 | - |
3077 | -Patches_openjdk-lts: |
3078 | -upstream_openjdk-lts: needs-triage |
3079 | -trusty_openjdk-lts: DNE |
3080 | -xenial_openjdk-lts: DNE |
3081 | -bionic_openjdk-lts: ignored (end of standard support) |
3082 | -esm-infra/bionic_openjdk-lts: not-affected (code not present) |
3083 | -focal_openjdk-lts: not-affected (code not present) |
3084 | -jammy_openjdk-lts: not-affected (code not present) |
3085 | -lunar_openjdk-lts: ignored (end of life, was needs-triage) |
3086 | -mantic_openjdk-lts: not-affected (code not present) |
3087 | -noble_openjdk-lts: not-affected (code not present) |
3088 | -esm-apps/noble_openjdk-lts: not-affected (code not present) |
3089 | -devel_openjdk-lts: not-affected (code not present) |
3090 | - |
3091 | -Patches_openjdk-13: |
3092 | -upstream_openjdk-13: needs-triage |
3093 | -trusty_openjdk-13: DNE |
3094 | -xenial_openjdk-13: DNE |
3095 | -bionic_openjdk-13: DNE |
3096 | -focal_openjdk-13: ignored (superseded by openjdk-17) |
3097 | -esm-apps/focal_openjdk-13: ignored (superseded by openjdk-17) |
3098 | -jammy_openjdk-13: DNE |
3099 | -lunar_openjdk-13: DNE |
3100 | -mantic_openjdk-13: DNE |
3101 | -noble_openjdk-13: DNE |
3102 | -devel_openjdk-13: DNE |
3103 | - |
3104 | -Patches_openjdk-16: |
3105 | -upstream_openjdk-16: needs-triage |
3106 | -trusty_openjdk-16: DNE |
3107 | -xenial_openjdk-16: DNE |
3108 | -bionic_openjdk-16: DNE |
3109 | -focal_openjdk-16: ignored (superseded by openjdk-17) |
3110 | -esm-apps/focal_openjdk-16: ignored (superseded by openjdk-17) |
3111 | -jammy_openjdk-16: DNE |
3112 | -lunar_openjdk-16: DNE |
3113 | -mantic_openjdk-16: DNE |
3114 | -noble_openjdk-16: DNE |
3115 | -devel_openjdk-16: DNE |
3116 | - |
3117 | -Patches_openjdk-17: |
3118 | - upstream: https://github.com/openjdk/jdk17u/commit/f6f32bf256e34447f54be823fdfb2e64e235e404 |
3119 | -upstream_openjdk-17: needs-triage |
3120 | -trusty_openjdk-17: DNE |
3121 | -xenial_openjdk-17: DNE |
3122 | -bionic_openjdk-17: ignored (end of standard support) |
3123 | -esm-apps/bionic_openjdk-17: released (17.0.10+7-1~18.04.1) |
3124 | -focal_openjdk-17: released (17.0.10+7-1~20.04.1) |
3125 | -jammy_openjdk-17: released (17.0.10+7-1~22.04.1) |
3126 | -esm-apps/jammy_openjdk-17: not-affected (17.0.10+7-1~22.04.1) |
3127 | -lunar_openjdk-17: ignored (end of life, was needs-triage) |
3128 | -mantic_openjdk-17: released (17.0.10+7-1~23.10.1) |
3129 | -noble_openjdk-17: not-affected (17.0.10+7-1) |
3130 | -devel_openjdk-17: not-affected (17.0.10+7-1) |
3131 | - |
3132 | -Patches_openjdk-18: |
3133 | -upstream_openjdk-18: needs-triage |
3134 | -trusty_openjdk-18: DNE |
3135 | -xenial_openjdk-18: DNE |
3136 | -bionic_openjdk-18: DNE |
3137 | -focal_openjdk-18: DNE |
3138 | -jammy_openjdk-18: ignored (superseded by openjdk-19) |
3139 | -esm-apps/jammy_openjdk-18: ignored (superseded by openjdk-19) |
3140 | -lunar_openjdk-18: ignored (superseded by openjdk-19) |
3141 | -mantic_openjdk-18: DNE |
3142 | -noble_openjdk-18: DNE |
3143 | -devel_openjdk-18: DNE |
3144 | - |
3145 | -Patches_openjdk-19: |
3146 | -upstream_openjdk-19: needs-triage |
3147 | -trusty_openjdk-19: DNE |
3148 | -xenial_openjdk-19: DNE |
3149 | -bionic_openjdk-19: DNE |
3150 | -focal_openjdk-19: DNE |
3151 | -jammy_openjdk-19: ignored (no longer supported by upstream) |
3152 | -lunar_openjdk-19: ignored (superseded by openjdk-20) |
3153 | -mantic_openjdk-19: ignored (superseded by openjdk-20) |
3154 | -noble_openjdk-19: DNE |
3155 | -devel_openjdk-19: DNE |
3156 | - |
3157 | -Patches_openjdk-20: |
3158 | -upstream_openjdk-20: needs-triage |
3159 | -trusty_openjdk-20: DNE |
3160 | -xenial_openjdk-20: DNE |
3161 | -bionic_openjdk-20: DNE |
3162 | -focal_openjdk-20: DNE |
3163 | -jammy_openjdk-20: DNE |
3164 | -lunar_openjdk-20: ignored (superseded by openjdk-21) |
3165 | -mantic_openjdk-20: ignored (superseded by openjdk-21) |
3166 | -noble_openjdk-20: DNE |
3167 | -devel_openjdk-20: DNE |
3168 | - |
3169 | -Patches_openjdk-21: |
3170 | -upstream_openjdk-21: needs-triage |
3171 | -trusty_openjdk-21: DNE |
3172 | -xenial_openjdk-21: DNE |
3173 | -bionic_openjdk-21: DNE |
3174 | -focal_openjdk-21: not-affected (code not present) |
3175 | -jammy_openjdk-21: not-affected (code not present) |
3176 | -lunar_openjdk-21: ignored (end of life, was needs-triage) |
3177 | -mantic_openjdk-21: not-affected (code not present) |
3178 | -noble_openjdk-21: not-affected (code not present) |
3179 | -devel_openjdk-21: not-affected (code not present) |
3180 | - |
3181 | -Patches_openjdk-22: |
3182 | -upstream_openjdk-22: needs-triage |
3183 | -trusty_openjdk-22: DNE |
3184 | -xenial_openjdk-22: DNE |
3185 | -bionic_openjdk-22: DNE |
3186 | -focal_openjdk-22: DNE |
3187 | -jammy_openjdk-22: DNE |
3188 | -lunar_openjdk-22: DNE |
3189 | -mantic_openjdk-22: not-affected (code not present) |
3190 | -devel_openjdk-22: DNE |
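Review bot: In the openjdk-17 block, jammy_openjdk-17 is "released (17.0.10+7-1~22.04.1)" but esm-apps/jammy_openjdk-17 is "not-affected (17.0.10+7-1~22.04.1)" for the identical version, so the same upload is recorded both as the fix and as never affected; one of the two should be corrected. The openjdk-22 block also has no noble_openjdk-22 line, although every other block in this file has one, and upstream_openjdk-17 is still "needs-triage" even though an upstream jdk17u commit is listed under Patches_openjdk-17.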
3191 | diff --git a/active/CVE-2024-2173 b/active/CVE-2024-2173 |
3192 | deleted file mode 100644 |
3193 | index a2790c9..0000000 |
3194 | --- a/active/CVE-2024-2173 |
3195 | +++ /dev/null |
3196 | @@ -1,31 +0,0 @@ |
3197 | -Candidate: CVE-2024-2173 |
3198 | -PublicDate: 2024-03-06 19:15:00 UTC |
3199 | -References: |
3200 | - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html |
3201 | - https://issues.chromium.org/issues/325893559 |
3202 | - https://www.cve.org/CVERecord?id=CVE-2024-2173 |
3203 | -Description: |
3204 | - Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 |
3205 | - allowed a remote attacker to perform out of bounds memory access via a |
3206 | - crafted HTML page. (Chromium security severity: High) |
3207 | -Ubuntu-Description: |
3208 | -Notes: |
3209 | - alexmurray> The Debian chromium source package is called chromium-browser |
3210 | - alexmurray> in Ubuntu |
3211 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
3212 | - mdeslaur> a script that installs the Chromium snap |
3213 | -Mitigation: |
3214 | -Bugs: |
3215 | -Priority: medium |
3216 | -Discovered-by: |
3217 | -Assigned-to: |
3218 | -CVSS: |
3219 | - |
3220 | -Patches_chromium-browser: |
3221 | -upstream_chromium-browser: released |
3222 | -focal_chromium-browser: not-affected (code not present) |
3223 | -jammy_chromium-browser: not-affected (code not present) |
3224 | -mantic_chromium-browser: not-affected (code not present) |
3225 | -noble_chromium-browser: not-affected (code not present) |
3226 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
3227 | -devel_chromium-browser: not-affected (code not present) |
3228 | diff --git a/active/CVE-2024-2174 b/active/CVE-2024-2174 |
3229 | deleted file mode 100644 |
3230 | index 324f774..0000000 |
3231 | --- a/active/CVE-2024-2174 |
3232 | +++ /dev/null |
3233 | @@ -1,31 +0,0 @@ |
3234 | -Candidate: CVE-2024-2174 |
3235 | -PublicDate: 2024-03-06 19:15:00 UTC |
3236 | -References: |
3237 | - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html |
3238 | - https://issues.chromium.org/issues/325866363 |
3239 | - https://www.cve.org/CVERecord?id=CVE-2024-2174 |
3240 | -Description: |
3241 | - Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 |
3242 | - allowed a remote attacker to potentially exploit heap corruption via a |
3243 | - crafted HTML page. (Chromium security severity: High) |
3244 | -Ubuntu-Description: |
3245 | -Notes: |
3246 | - alexmurray> The Debian chromium source package is called chromium-browser |
3247 | - alexmurray> in Ubuntu |
3248 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
3249 | - mdeslaur> a script that installs the Chromium snap |
3250 | -Mitigation: |
3251 | -Bugs: |
3252 | -Priority: medium |
3253 | -Discovered-by: |
3254 | -Assigned-to: |
3255 | -CVSS: |
3256 | - |
3257 | -Patches_chromium-browser: |
3258 | -upstream_chromium-browser: released |
3259 | -focal_chromium-browser: not-affected (code not present) |
3260 | -jammy_chromium-browser: not-affected (code not present) |
3261 | -mantic_chromium-browser: not-affected (code not present) |
3262 | -noble_chromium-browser: not-affected (code not present) |
3263 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
3264 | -devel_chromium-browser: not-affected (code not present) |
3265 | diff --git a/active/CVE-2024-2176 b/active/CVE-2024-2176 |
3266 | deleted file mode 100644 |
3267 | index 7b47613..0000000 |
3268 | --- a/active/CVE-2024-2176 |
3269 | +++ /dev/null |
3270 | @@ -1,31 +0,0 @@ |
3271 | -Candidate: CVE-2024-2176 |
3272 | -PublicDate: 2024-03-06 19:15:00 UTC |
3273 | -References: |
3274 | - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html |
3275 | - https://issues.chromium.org/issues/325936438 |
3276 | - https://www.cve.org/CVERecord?id=CVE-2024-2176 |
3277 | -Description: |
3278 | - Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a |
3279 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
3280 | - page. (Chromium security severity: High) |
3281 | -Ubuntu-Description: |
3282 | -Notes: |
3283 | - alexmurray> The Debian chromium source package is called chromium-browser |
3284 | - alexmurray> in Ubuntu |
3285 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
3286 | - mdeslaur> a script that installs the Chromium snap |
3287 | -Mitigation: |
3288 | -Bugs: |
3289 | -Priority: medium |
3290 | -Discovered-by: |
3291 | -Assigned-to: |
3292 | -CVSS: |
3293 | - |
3294 | -Patches_chromium-browser: |
3295 | -upstream_chromium-browser: released |
3296 | -focal_chromium-browser: not-affected (code not present) |
3297 | -jammy_chromium-browser: not-affected (code not present) |
3298 | -mantic_chromium-browser: not-affected (code not present) |
3299 | -noble_chromium-browser: not-affected (code not present) |
3300 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
3301 | -devel_chromium-browser: not-affected (code not present) |
3302 | diff --git a/active/CVE-2024-22195 b/active/CVE-2024-22195 |
3303 | deleted file mode 100644 |
3304 | index 73fbc92..0000000 |
3305 | --- a/active/CVE-2024-22195 |
3306 | +++ /dev/null |
3307 | @@ -1,43 +0,0 @@ |
3308 | -PublicDateAtUSN: 2024-01-11 03:15:00 UTC |
3309 | -Candidate: CVE-2024-22195 |
3310 | -PublicDate: 2024-01-11 03:15:00 UTC |
3311 | -References: |
3312 | - https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95 |
3313 | - https://github.com/pallets/jinja/releases/tag/3.1.3 |
3314 | - https://ubuntu.com/security/notices/USN-6599-1 |
3315 | - https://www.cve.org/CVERecord?id=CVE-2024-22195 |
3316 | -Description: |
3317 | - Jinja is an extensible templating engine. Special placeholders in the |
3318 | - template allow writing code similar to Python syntax. It is possible to |
3319 | - inject arbitrary HTML attributes into the rendered HTML template, |
3320 | - potentially leading to Cross-Site Scripting (XSS). The Jinja `xmlattr` |
3321 | - filter can be abused to inject arbitrary HTML attribute keys and values, |
3322 | - bypassing the auto escaping mechanism and potentially leading to XSS. It |
3323 | - may also be possible to bypass attribute validation checks if they are |
3324 | - blacklist-based. |
3325 | - |
3326 | -Ubuntu-Description: |
3327 | -Notes: |
3328 | -Mitigation: |
3329 | -Bugs: |
3330 | -Priority: medium |
3331 | -Discovered-by: |
3332 | -Assigned-to: leosilva |
3333 | -CVSS: |
3334 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N [6.1 MEDIUM] |
3335 | - |
3336 | -Patches_jinja2: |
3337 | - upstream: https://github.com/pallets/jinja/commit/7dd3680e6eea0d77fde024763657aa4d884ddb23 |
3338 | -upstream_jinja2: needs-triage |
3339 | -trusty_jinja2: ignored (end of standard support) |
3340 | -trusty/esm_jinja2: released (2.7.2-2ubuntu0.1~esm2) |
3341 | -xenial_jinja2: ignored (end of standard support) |
3342 | -esm-infra/xenial_jinja2: released (2.8-1ubuntu0.1+esm2) |
3343 | -bionic_jinja2: ignored (end of standard support) |
3344 | -esm-infra/bionic_jinja2: released (2.10-1ubuntu0.18.04.1+esm1) |
3345 | -focal_jinja2: released (2.10.1-2ubuntu0.2) |
3346 | -jammy_jinja2: released (3.0.3-1ubuntu0.1) |
3347 | -lunar_jinja2: ignored (end of life) |
3348 | -mantic_jinja2: released (3.1.2-1ubuntu0.23.10.1) |
3349 | -noble_jinja2: released (3.1.2-1ubuntu1) |
3350 | -devel_jinja2: released (3.1.2-1ubuntu1) |
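Review bot: `upstream_jinja2` is still `needs-triage` at the point this entry leaves active/, although References links the 3.1.3 release tag, `Patches_jinja2` names the upstream commit, and every supported release is already marked released. Set the upstream line to a released status (the release tag suggests `released (3.1.3)`) so the entry does not carry an open triage state once it is no longer active.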
3351 | diff --git a/active/CVE-2024-22563 b/active/CVE-2024-22563 |
3352 | deleted file mode 100644 |
3353 | index 9bf971e..0000000 |
3354 | --- a/active/CVE-2024-22563 |
3355 | +++ /dev/null |
3356 | @@ -1,36 +0,0 @@ |
3357 | -Candidate: CVE-2024-22563 |
3358 | -PublicDate: 2024-01-19 15:15:00 UTC |
3359 | -References: |
3360 | - https://github.com/openvswitch/ovs-issues/issues/315 |
3361 | - https://www.cve.org/CVERecord?id=CVE-2024-22563 |
3362 | -Description: |
3363 | - openvswitch 2.17.8 was discovered to contain a memory leak via the function |
3364 | - xmalloc__ in openvswitch-2.17.8/lib/util.c. |
3365 | -Ubuntu-Description: |
3366 | -Notes: |
3367 | - sbeattie> introduced in b6e840a ("pcap-file: Add nanosecond resolution |
3368 | - pcap support.") (v2.11.0) |
3369 | - mdeslaur> This is fixed in 2.17.0, the CVE description is wrong |
3370 | -Mitigation: |
3371 | -Bugs: |
3372 | -Priority: low |
3373 | - Denial of service due to memory leak. |
3374 | -Discovered-by: |
3375 | -Assigned-to: |
3376 | -CVSS: |
3377 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
3378 | - |
3379 | -Patches_openvswitch: |
3380 | - upstream: https://github.com/openvswitch/ovs/commit/3168f328c78cf6e4b3022940452673b0e49f7620 |
3381 | -upstream_openvswitch: released (2.13.5,2.17.0) |
3382 | -trusty_openvswitch: not-affected (code not present) |
3383 | -xenial_openvswitch: not-affected (code not present) |
3384 | -esm-infra/xenial_openvswitch: not-affected (code not present) |
3385 | -bionic_openvswitch: not-affected (code not present) |
3386 | -esm-infra/bionic_openvswitch: not-affected (code not present) |
3387 | -focal_openvswitch: released (2.13.8-0ubuntu1.1) |
3388 | -jammy_openvswitch: not-affected |
3389 | -lunar_openvswitch: not-affected |
3390 | -mantic_openvswitch: not-affected |
3391 | -noble_openvswitch: not-affected |
3392 | -devel_openvswitch: not-affected |
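Review bot: the `jammy` through `devel` lines say `not-affected` with no reason, while the older releases give `code not present` and the Notes say the fix landed in 2.17.0. Add the package version or a short reason in parentheses on those lines, so a reader can tell whether they are not-affected because they already ship the fix or for some other reason. Since the Notes also state that the CVE description is wrong, a line saying which versions are actually affected (introduced in v2.11.0 per sbeattie, fixed in 2.13.5 and 2.17.0 per the upstream line) would make the focal `released` status easier to follow.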
3393 | diff --git a/active/CVE-2024-22667 b/active/CVE-2024-22667 |
3394 | deleted file mode 100644 |
3395 | index 0432284..0000000 |
3396 | --- a/active/CVE-2024-22667 |
3397 | +++ /dev/null |
3398 | @@ -1,39 +0,0 @@ |
3399 | -PublicDateAtUSN: 2024-02-05 08:15:00 UTC |
3400 | -Candidate: CVE-2024-22667 |
3401 | -PublicDate: 2024-02-05 08:15:00 UTC |
3402 | -References: |
3403 | - https://gist.githubusercontent.com/henices/2467e7f22dcc2aa97a2453e197b55a0c/raw/7b54bccc9a129c604fb139266f4497ab7aaa94c7/gistfile1.txt |
3404 | - https://ubuntu.com/security/notices/USN-6698-1 |
3405 | - https://www.cve.org/CVERecord?id=CVE-2024-22667 |
3406 | -Description: |
3407 | - Vim before 9.0.2142 has a stack-based buffer overflow because |
3408 | - did_set_langmap in map.c calls sprintf to write to the error buffer that is |
3409 | - passed down to the option callback functions. |
3410 | -Ubuntu-Description: |
3411 | -Notes: |
3412 | - mdeslaur> requires sourcing a vim commands file or similar |
3413 | -Mitigation: |
3414 | -Bugs: |
3415 | -Priority: low |
3416 | - Denial of service only because of stack protector |
3417 | -Discovered-by: Zhen Zhou |
3418 | -Assigned-to: |
3419 | -CVSS: |
3420 | - nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH] |
3421 | - |
3422 | - |
3423 | -Patches_vim: |
3424 | - upstream: https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47 |
3425 | -Tags_vim: stack-protector |
3426 | -upstream_vim: released (2:9.0.2189-1) |
3427 | -trusty_vim: ignored (end of standard support) |
3428 | -trusty/esm_vim: released (2:7.4.052-1ubuntu3.1+esm16) |
3429 | -xenial_vim: ignored (end of standard support) |
3430 | -esm-infra/xenial_vim: released (2:7.4.1689-3ubuntu1.5+esm23) |
3431 | -bionic_vim: ignored (end of standard support) |
3432 | -esm-infra/bionic_vim: released (2:8.0.1453-1ubuntu1.13+esm8) |
3433 | -focal_vim: released (2:8.1.2269-1ubuntu5.22) |
3434 | -jammy_vim: released (2:8.2.3995-1ubuntu2.16) |
3435 | -mantic_vim: released (2:9.0.1672-1ubuntu2.3) |
3436 | -noble_vim: not-affected (2:9.1.0-1ubuntu1) |
3437 | -devel_vim: not-affected (2:9.1.0-1ubuntu1) |
3438 | diff --git a/active/CVE-2024-22860 b/active/CVE-2024-22860 |
3439 | deleted file mode 100644 |
3440 | index 52828ce..0000000 |
3441 | --- a/active/CVE-2024-22860 |
3442 | +++ /dev/null |
3443 | @@ -1,36 +0,0 @@ |
3444 | -Candidate: CVE-2024-22860 |
3445 | -PublicDate: 2024-01-27 06:15:00 UTC |
3446 | -References: |
3447 | - https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5 (n6.1) |
3448 | - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61991 |
3449 | - https://github.com/FFmpeg/FFmpeg/commit/d2e8974699a9e35cc1a926bf74a972300d629cd5 |
3450 | - https://www.cve.org/CVERecord?id=CVE-2024-22860 |
3451 | -Description: |
3452 | - Integer overflow vulnerability in FFmpeg before n6.1, allows remote |
3453 | - attackers to execute arbitrary code via the jpegxl_anim_read_packet |
3454 | - component in the JPEG XL Animation decoder. |
3455 | -Ubuntu-Description: |
3456 | -Notes: |
3457 | -Mitigation: |
3458 | -Bugs: |
3459 | -Priority: medium |
3460 | -Discovered-by: |
3461 | -Assigned-to: |
3462 | -CVSS: |
3463 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL] |
3464 | - |
3465 | -Patches_ffmpeg: |
3466 | -upstream_ffmpeg: released (7:6.1-1) |
3467 | -trusty_ffmpeg: DNE |
3468 | -xenial_ffmpeg: ignored (end of standard support) |
3469 | -esm-apps/xenial_ffmpeg: not-affected (code not present) |
3470 | -bionic_ffmpeg: ignored (end of standard support) |
3471 | -esm-apps/bionic_ffmpeg: not-affected (code not present) |
3472 | -focal_ffmpeg: not-affected (code not present) |
3473 | -esm-apps/focal_ffmpeg: not-affected (code not present) |
3474 | -jammy_ffmpeg: not-affected (code not present) |
3475 | -esm-apps/jammy_ffmpeg: not-affected (code not present) |
3476 | -mantic_ffmpeg: not-affected (code not present) |
3477 | -noble_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3478 | -esm-apps/noble_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3479 | -devel_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
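Review bot: `Patches_ffmpeg:` is empty although the fix commit d2e8974699a9e35cc1a926bf74a972300d629cd5 appears twice under References, once with an `(n6.1)` suffix and once without. Move it to an `upstream:` line under `Patches_ffmpeg:` and keep a single copy, so the fix is recorded in the field meant for it and References is left with the oss-fuzz issue and the CVE record.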
3480 | diff --git a/active/CVE-2024-22861 b/active/CVE-2024-22861 |
3481 | deleted file mode 100644 |
3482 | index 2eb1eb9..0000000 |
3483 | --- a/active/CVE-2024-22861 |
3484 | +++ /dev/null |
3485 | @@ -1,34 +0,0 @@ |
3486 | -Candidate: CVE-2024-22861 |
3487 | -PublicDate: 2024-01-27 07:15:00 UTC |
3488 | -References: |
3489 | - https://github.com/FFmpeg/FFmpeg/commit/87b8c1081959e45ffdcbabb3d53ac9882ef2b5ce (n6.1) |
3490 | - https://github.com/FFmpeg/FFmpeg/commit/87b8c1081959e45ffdcbabb3d53ac9882ef2b5ce |
3491 | - https://www.cve.org/CVERecord?id=CVE-2024-22861 |
3492 | -Description: |
3493 | - Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to |
3494 | - cause a denial of service (DoS) via the avcodec/osq module. |
3495 | -Ubuntu-Description: |
3496 | -Notes: |
3497 | -Mitigation: |
3498 | -Bugs: |
3499 | -Priority: medium |
3500 | -Discovered-by: |
3501 | -Assigned-to: |
3502 | -CVSS: |
3503 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
3504 | - |
3505 | -Patches_ffmpeg: |
3506 | -upstream_ffmpeg: released (7:6.1-1) |
3507 | -trusty_ffmpeg: DNE |
3508 | -xenial_ffmpeg: ignored (end of standard support) |
3509 | -esm-apps/xenial_ffmpeg: not-affected (code not present) |
3510 | -bionic_ffmpeg: ignored (end of standard support) |
3511 | -esm-apps/bionic_ffmpeg: not-affected (code not present) |
3512 | -focal_ffmpeg: not-affected (code not present) |
3513 | -esm-apps/focal_ffmpeg: not-affected (code not present) |
3514 | -jammy_ffmpeg: not-affected (code not present) |
3515 | -esm-apps/jammy_ffmpeg: not-affected (code not present) |
3516 | -mantic_ffmpeg: not-affected (code not present) |
3517 | -noble_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3518 | -esm-apps/noble_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3519 | -devel_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3520 | diff --git a/active/CVE-2024-22862 b/active/CVE-2024-22862 |
3521 | deleted file mode 100644 |
3522 | index 545ceda..0000000 |
3523 | --- a/active/CVE-2024-22862 |
3524 | +++ /dev/null |
3525 | @@ -1,35 +0,0 @@ |
3526 | -Candidate: CVE-2024-22862 |
3527 | -PublicDate: 2024-01-27 06:15:00 UTC |
3528 | -References: |
3529 | - https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7 (n6.1) |
3530 | - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62113 |
3531 | - https://github.com/FFmpeg/FFmpeg/commit/ca09d8a0dcd82e3128e62463231296aaf63ae6f7 |
3532 | - https://www.cve.org/CVERecord?id=CVE-2024-22862 |
3533 | -Description: |
3534 | - Integer overflow vulnerability in FFmpeg before n6.1, allows remote |
3535 | - attackers to execute arbitrary code via the JJPEG XL Parser. |
3536 | -Ubuntu-Description: |
3537 | -Notes: |
3538 | -Mitigation: |
3539 | -Bugs: |
3540 | -Priority: medium |
3541 | -Discovered-by: |
3542 | -Assigned-to: |
3543 | -CVSS: |
3544 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL] |
3545 | - |
3546 | -Patches_ffmpeg: |
3547 | -upstream_ffmpeg: released (7:6.1-1) |
3548 | -trusty_ffmpeg: DNE |
3549 | -xenial_ffmpeg: ignored (end of standard support) |
3550 | -esm-apps/xenial_ffmpeg: not-affected (code not present) |
3551 | -bionic_ffmpeg: ignored (end of standard support) |
3552 | -esm-apps/bionic_ffmpeg: not-affected (code not present) |
3553 | -focal_ffmpeg: not-affected (code not present) |
3554 | -esm-apps/focal_ffmpeg: not-affected (code not present) |
3555 | -jammy_ffmpeg: not-affected (code not present) |
3556 | -esm-apps/jammy_ffmpeg: not-affected (code not present) |
3557 | -mantic_ffmpeg: not-affected (code not present) |
3558 | -noble_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3559 | -esm-apps/noble_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3560 | -devel_ffmpeg: not-affected (7:6.1.1-1ubuntu1) |
3561 | diff --git a/active/CVE-2024-2313 b/active/CVE-2024-2313 |
3562 | deleted file mode 100644 |
3563 | index be338c3..0000000 |
3564 | --- a/active/CVE-2024-2313 |
3565 | +++ /dev/null |
3566 | @@ -1,33 +0,0 @@ |
3567 | -Candidate: CVE-2024-2313 |
3568 | -PublicDate: 2024-03-10 23:15:00 UTC |
3569 | -CRD: 2024-03-06 |
3570 | -References: |
3571 | - https://www.cve.org/CVERecord?id=CVE-2024-2313 |
3572 | -Description: |
3573 | - If kernel headers need to be extracted, bpftrace will attempt to load them |
3574 | - from a temporary directory. An unprivileged attacker could use this to |
3575 | - force bcc to load compromised linux headers. Linux distributions which |
3576 | - provide kernel headers by default are not affected by default. |
3577 | -Ubuntu-Description: |
3578 | -Notes: |
3579 | -Mitigation: |
3580 | -Bugs: |
3581 | -Priority: medium |
3582 | -Discovered-by: Mark Esler |
3583 | -Assigned-to: |
3584 | -CVSS: |
3585 | - ubuntu: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L [2.8 LOW] |
3586 | - |
3587 | -Patches_bpftrace: |
3588 | - upstream: https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998 |
3589 | -upstream_bpftrace: released (v0.20.2) |
3590 | -trusty_bpftrace: DNE |
3591 | -xenial_bpftrace: DNE |
3592 | -bionic_bpftrace: DNE |
3593 | -focal_bpftrace: not-affected (kernel headers are provided by system) |
3594 | -esm-apps/focal_bpftrace: not-affected (kernel headers are provided by system) |
3595 | -jammy_bpftrace: not-affected (kernel headers are provided by system) |
3596 | -esm-apps/jammy_bpftrace: not-affected (kernel headers are provided by system) |
3597 | -mantic_bpftrace: not-affected (kernel headers are provided by system) |
3598 | -noble_bpftrace: not-affected (kernel headers are provided by system) |
3599 | -devel_bpftrace: not-affected (kernel headers are provided by system) |
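Review bot: the second sentence of the Description says an attacker could "force bcc to load compromised linux headers", but this is the bpftrace entry and the first sentence names bpftrace as the program loading the headers; the wording matches the bcc entry, CVE-2024-2314. If the text is verbatim from the CVE record, leave it and add a Notes line stating that bpftrace is the affected program here, otherwise correct "bcc" to "bpftrace".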
3600 | diff --git a/active/CVE-2024-2314 b/active/CVE-2024-2314 |
3601 | deleted file mode 100644 |
3602 | index 546d4ba..0000000 |
3603 | --- a/active/CVE-2024-2314 |
3604 | +++ /dev/null |
3605 | @@ -1,34 +0,0 @@ |
3606 | -Candidate: CVE-2024-2314 |
3607 | -PublicDate: 2024-03-10 23:15:00 UTC |
3608 | -CRD: 2024-03-07 |
3609 | -References: |
3610 | - https://www.cve.org/CVERecord?id=CVE-2024-2314 |
3611 | -Description: |
3612 | - If kernel headers need to be extracted, bcc will attempt to load them from |
3613 | - a temporary directory. An unprivileged attacker could use this to force bcc |
3614 | - to load compromised linux headers. Linux distributions which provide kernel |
3615 | - headers by default are not affected by default. |
3616 | -Ubuntu-Description: |
3617 | -Notes: |
3618 | -Mitigation: |
3619 | -Bugs: |
3620 | -Priority: medium |
3621 | -Discovered-by: Mark Esler |
3622 | -Assigned-to: |
3623 | -CVSS: |
3624 | - ubuntu: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L [2.8 LOW] |
3625 | - |
3626 | -Patches_bpfcc: |
3627 | - upstream: https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 |
3628 | -upstream_bpfcc: released |
3629 | -trusty_bpfcc: DNE |
3630 | -xenial_bpfcc: DNE |
3631 | -bionic_bpfcc: ignored (end of standard support) |
3632 | -esm-apps/bionic_bpfcc: not-affected (kernel headers are provided by system) |
3633 | -focal_bpfcc: not-affected (kernel headers are provided by system) |
3634 | -esm-apps/focal_bpfcc: not-affected (kernel headers are provided by system) |
3635 | -jammy_bpfcc: not-affected (kernel headers are provided by system) |
3636 | -esm-apps/jammy_bpfcc: not-affected (kernel headers are provided by system) |
3637 | -mantic_bpfcc: not-affected (kernel headers are provided by system) |
3638 | -noble_bpfcc: not-affected (kernel headers are provided by system) |
3639 | -devel_bpfcc: not-affected (kernel headers are provided by system) |
3640 | diff --git a/active/CVE-2024-2379 b/active/CVE-2024-2379 |
3641 | deleted file mode 100644 |
3642 | index 557f809..0000000 |
3643 | --- a/active/CVE-2024-2379 |
3644 | +++ /dev/null |
3645 | @@ -1,34 +0,0 @@ |
3646 | -Candidate: CVE-2024-2379 |
3647 | -PublicDate: 2024-03-27 08:15:00 UTC |
3648 | -CRD: 2024-03-27 07:00:00 UTC |
3649 | -References: |
3650 | - https://curl.se/docs/CVE-2024-2379.html |
3651 | - https://www.cve.org/CVERecord?id=CVE-2024-2379 |
3652 | -Description: |
3653 | - libcurl skips the certificate verification for a QUIC connection under |
3654 | - certain conditions, when built to use wolfSSL. If told to use an |
3655 | - unknown/bad cipher or curve, the error path accidentally skips the |
3656 | - verification and returns OK, thus ignoring any certificate problems. |
3657 | -Ubuntu-Description: |
3658 | -Notes: |
3659 | - mdeslaur> Ubuntu package does not use the wolfSSL backend. |
3660 | - mdeslaur> Only affects 8.6.0. |
3661 | -Mitigation: |
3662 | -Bugs: |
3663 | -Priority: low |
3664 | - Upstream developers consider this a low severity issue |
3665 | -Discovered-by: Dexter Gerig |
3666 | -Assigned-to: |
3667 | -CVSS: |
3668 | - |
3669 | -Patches_curl: |
3670 | - upstream: https://github.com/curl/curl/commit/aedbbdf18e689a5eee8dc396 |
3671 | -upstream_curl: released (8.7.0) |
3672 | -trusty/esm_curl: not-affected (code not compiled) |
3673 | -esm-infra/xenial_curl: not-affected (code not compiled) |
3674 | -esm-infra/bionic_curl: not-affected (code not compiled) |
3675 | -focal_curl: not-affected (code not compiled) |
3676 | -jammy_curl: not-affected (code not compiled) |
3677 | -mantic_curl: not-affected (code not compiled) |
3678 | -noble_curl: not-affected (code not compiled) |
3679 | -devel_curl: not-affected (code not compiled) |
3680 | diff --git a/active/CVE-2024-2397 b/active/CVE-2024-2397 |
3681 | deleted file mode 100644 |
3682 | index c2fd9c7..0000000 |
3683 | --- a/active/CVE-2024-2397 |
3684 | +++ /dev/null |
3685 | @@ -1,30 +0,0 @@ |
3686 | -Candidate: CVE-2024-2397 |
3687 | -PublicDate: 2024-04-12 14:15:00 UTC |
3688 | -References: |
3689 | - https://www.cve.org/CVERecord?id=CVE-2024-2397 |
3690 | - https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 |
3691 | -Description: |
3692 | - Due to a bug in packet data buffers management, the PPP printer in tcpdump |
3693 | - can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap |
3694 | - savefile. This problem does not affect any tcpdump release, but it |
3695 | - affected the git master branch from 2023-06-05 to 2024-03-21. |
3696 | -Ubuntu-Description: |
3697 | -Notes: |
3698 | - mdeslaur> only affected the master branch, not packages in Ubuntu |
3699 | -Mitigation: |
3700 | -Bugs: |
3701 | -Priority: medium |
3702 | -Discovered-by: |
3703 | -Assigned-to: |
3704 | -CVSS: |
3705 | - |
3706 | -Patches_tcpdump: |
3707 | -upstream_tcpdump: not-affected (debian: Vulnerable code not present in any version uploaded to Debian) |
3708 | -trusty/esm_tcpdump: not-affected |
3709 | -esm-infra/xenial_tcpdump: not-affected |
3710 | -esm-infra/bionic_tcpdump: not-affected |
3711 | -focal_tcpdump: not-affected |
3712 | -jammy_tcpdump: not-affected |
3713 | -mantic_tcpdump: not-affected |
3714 | -noble_tcpdump: not-affected |
3715 | -devel_tcpdump: not-affected |
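Review bot: the reason on `upstream_tcpdump`, `not-affected (debian: Vulnerable code not present in any version uploaded to Debian)`, describes Debian uploads rather than upstream. The Description already gives the upstream fact (no tcpdump release affected, only the git master branch from 2023-06-05 to 2024-03-21), so the reason should say that instead. The fix commit listed under References could also move to an `upstream:` line, since `Patches_tcpdump:` is empty.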
3716 | diff --git a/active/CVE-2024-2398 b/active/CVE-2024-2398 |
3717 | deleted file mode 100644 |
3718 | index a3be88a..0000000 |
3719 | --- a/active/CVE-2024-2398 |
3720 | +++ /dev/null |
3721 | @@ -1,39 +0,0 @@ |
3722 | -PublicDateAtUSN: 2024-03-27 07:00:00 UTC |
3723 | -Candidate: CVE-2024-2398 |
3724 | -PublicDate: 2024-03-27 08:15:00 UTC |
3725 | -CRD: 2024-03-27 07:00:00 UTC |
3726 | -References: |
3727 | - https://curl.se/docs/CVE-2024-2398.html |
3728 | - https://ubuntu.com/security/notices/USN-6718-1 |
3729 | - https://ubuntu.com/security/notices/USN-6718-2 |
3730 | - https://www.cve.org/CVERecord?id=CVE-2024-2398 |
3731 | - https://ubuntu.com/security/notices/USN-6718-3 |
3732 | -Description: |
3733 | - When an application tells libcurl it wants to allow HTTP/2 server push, and |
3734 | - the amount of received headers for the push surpasses the maximum allowed |
3735 | - limit (1000), libcurl aborts the server push. When aborting, libcurl |
3736 | - inadvertently does not free all the previously allocated headers and |
3737 | - instead leaks the memory. Further, this error condition fails silently and |
3738 | - is therefore not easily detected by an application. |
3739 | -Ubuntu-Description: |
3740 | -Notes: |
3741 | - mdeslaur> affects curl 7.44.0 to and including 8.6.0 |
3742 | - mdeslaur> introduced in https://github.com/curl/curl/commit/ea7134ac874a66107e54ff9 |
3743 | -Mitigation: |
3744 | -Bugs: |
3745 | -Priority: medium |
3746 | -Discovered-by: w0x42 on hackerone |
3747 | -Assigned-to: |
3748 | -CVSS: |
3749 | - |
3750 | -Patches_curl: |
3751 | - upstream: https://github.com/curl/curl/commit/deca8039991886a559b67bcd6 |
3752 | -upstream_curl: released (8.7.0) |
3753 | -trusty/esm_curl: not-affected |
3754 | -esm-infra/xenial_curl: released (7.47.0-1ubuntu2.19+esm12) |
3755 | -esm-infra/bionic_curl: released (7.58.0-2ubuntu3.24+esm4) |
3756 | -focal_curl: released (7.68.0-1ubuntu2.22) |
3757 | -jammy_curl: released (7.81.0-1ubuntu1.16) |
3758 | -mantic_curl: released (8.2.1-1ubuntu3.3) |
3759 | -noble_curl: released (8.5.0-2ubuntu10.1) |
3760 | -devel_curl: released (8.5.0-2ubuntu10.1) |
3761 | diff --git a/active/CVE-2024-2400 b/active/CVE-2024-2400 |
3762 | deleted file mode 100644 |
3763 | index 7977d7a..0000000 |
3764 | --- a/active/CVE-2024-2400 |
3765 | +++ /dev/null |
3766 | @@ -1,33 +0,0 @@ |
3767 | -Candidate: CVE-2024-2400 |
3768 | -PublicDate: 2024-03-13 04:15:00 UTC |
3769 | -References: |
3770 | - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_12.html |
3771 | - https://issues.chromium.org/issues/327696052 |
3772 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T55OZ7JOMLNT5ICM4DTCZOJZD6TZICKO/ |
3773 | - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIKPDCUMQNF2DFB7TU3V4ISJ7WFJH7YI/ |
3774 | - https://www.cve.org/CVERecord?id=CVE-2024-2400 |
3775 | -Description: |
3776 | - Use after free in Performance Manager in Google Chrome prior to |
3777 | - 122.0.6261.128 allowed a remote attacker to potentially exploit heap |
3778 | - corruption via a crafted HTML page. (Chromium security severity: High) |
3779 | -Ubuntu-Description: |
3780 | -Notes: |
3781 | - alexmurray> The Debian chromium source package is called chromium-browser |
3782 | - alexmurray> in Ubuntu |
3783 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
3784 | - mdeslaur> a script that installs the Chromium snap |
3785 | -Mitigation: |
3786 | -Bugs: |
3787 | -Priority: medium |
3788 | -Discovered-by: |
3789 | -Assigned-to: |
3790 | -CVSS: |
3791 | - |
3792 | -Patches_chromium-browser: |
3793 | -upstream_chromium-browser: released |
3794 | -focal_chromium-browser: not-affected (code not present) |
3795 | -jammy_chromium-browser: not-affected (code not present) |
3796 | -mantic_chromium-browser: not-affected (code not present) |
3797 | -noble_chromium-browser: not-affected (code not present) |
3798 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
3799 | -devel_chromium-browser: not-affected (code not present) |
3800 | diff --git a/active/CVE-2024-24246 b/active/CVE-2024-24246 |
3801 | deleted file mode 100644 |
3802 | index b34a39b..0000000 |
3803 | --- a/active/CVE-2024-24246 |
3804 | +++ /dev/null |
3805 | @@ -1,34 +0,0 @@ |
3806 | -PublicDateAtUSN: 2024-02-29 20:15:00 UTC |
3807 | -Candidate: CVE-2024-24246 |
3808 | -PublicDate: 2024-02-29 20:15:00 UTC |
3809 | -References: |
3810 | - https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FX3D3YCNS6CQL3774OFUROLP3EM25ILC/ |
3811 | - https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4WLK6ICPJUMOJNHZQWXAA5MPXG5JHZZL/ |
3812 | - https://ubuntu.com/security/notices/USN-6713-1 |
3813 | - https://www.cve.org/CVERecord?id=CVE-2024-24246 |
3814 | -Description: |
3815 | - Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash |
3816 | - the application via the std::__shared_count() function at |
3817 | - /bits/shared_ptr_base.h. |
3818 | -Ubuntu-Description: |
3819 | -Notes: |
3820 | -Mitigation: |
3821 | -Bugs: |
3822 | - https://github.com/qpdf/qpdf/issues/1123 |
3823 | -Priority: medium |
3824 | -Discovered-by: |
3825 | -Assigned-to: |
3826 | -CVSS: |
3827 | - nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [5.5 MEDIUM] |
3828 | - |
3829 | - |
3830 | -Patches_qpdf: |
3831 | - upstream: https://github.com/qpdf/qpdf/commit/cb0f390cc1f98a8e82b27259f8f3cd5f162992eb (v11.9.0) |
3832 | -upstream_qpdf: released (11.9.0-1) |
3833 | -esm-infra/xenial_qpdf: not-affected (code not present) |
3834 | -esm-infra/bionic_qpdf: not-affected (code not present) |
3835 | -focal_qpdf: not-affected (code not present) |
3836 | -jammy_qpdf: not-affected (code not present) |
3837 | -mantic_qpdf: released (11.5.0-1ubuntu1.1) |
3838 | -noble_qpdf: not-affected (11.9.0-1) |
3839 | -devel_qpdf: not-affected (11.9.0-1) |
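Review bot: the Description names qpdf 11.9.0 as the vulnerable version, but the patch line tags the fix `(v11.9.0)`, `upstream_qpdf` is `released (11.9.0-1)` and noble and devel are `not-affected (11.9.0-1)`. `Notes:` is empty, so nothing explains the apparent contradiction. Add a note saying the CVE text is inaccurate about the affected version, and ideally which version introduced the code, given that focal and jammy are `code not present` while mantic needed `11.5.0-1ubuntu1.1`.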
3840 | diff --git a/active/CVE-2024-24482 b/active/CVE-2024-24482 |
3841 | deleted file mode 100644 |
3842 | index 41f5c51..0000000 |
3843 | --- a/active/CVE-2024-24482 |
3844 | +++ /dev/null |
3845 | @@ -1,33 +0,0 @@ |
3846 | -Candidate: CVE-2024-24482 |
3847 | -PublicDate: 2024-02-02 05:15:00 UTC |
3848 | -References: |
3849 | - https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-vgwr-4w3p-xmjv |
3850 | - https://www.cve.org/CVERecord?id=CVE-2024-24482 |
3851 | -Description: |
3852 | - Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal. |
3853 | -Ubuntu-Description: |
3854 | -Notes: |
3855 | -Mitigation: |
3856 | -Bugs: |
3857 | -Priority: medium |
3858 | -Discovered-by: |
3859 | -Assigned-to: |
3860 | -CVSS: |
3861 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL] |
3862 | - |
3863 | - |
3864 | -Patches_apktool: |
3865 | -upstream_apktool: not-affected (Windows only) |
3866 | -trusty_apktool: DNE |
3867 | -xenial_apktool: ignored (end of standard support) |
3868 | -esm-apps/xenial_apktool: not-affected (Windows only) |
3869 | -bionic_apktool: ignored (end of standard support) |
3870 | -esm-apps/bionic_apktool: not-affected (Windows only) |
3871 | -focal_apktool: not-affected (Windows only) |
3872 | -esm-apps/focal_apktool: not-affected (Windows only) |
3873 | -jammy_apktool: not-affected (Windows only) |
3874 | -esm-apps/jammy_apktool: not-affected (Windows only) |
3875 | -mantic_apktool: not-affected (Windows only) |
3876 | -noble_apktool: not-affected (Windows only) |
3877 | -esm-apps/noble_apktool: not-affected (Windows only) |
3878 | -devel_apktool: not-affected (Windows only) |
3879 | diff --git a/active/CVE-2024-24575 b/active/CVE-2024-24575 |
3880 | deleted file mode 100644 |
3881 | index 5a4f1ef..0000000 |
3882 | --- a/active/CVE-2024-24575 |
3883 | +++ /dev/null |
3884 | @@ -1,48 +0,0 @@ |
3885 | -PublicDateAtUSN: 2024-02-06 22:16:00 UTC |
3886 | -Candidate: CVE-2024-24575 |
3887 | -PublicDate: 2024-02-06 22:16:00 UTC |
3888 | -References: |
3889 | - https://github.com/libgit2/libgit2/security/advisories/GHSA-54mf-x2rh-hq9v |
3890 | - https://github.com/libgit2/libgit2/commit/add2dabb3c16aa49b33904dcdc07cd915efc12fa |
3891 | - https://github.com/libgit2/libgit2/releases/tag/v1.6.5 |
3892 | - https://github.com/libgit2/libgit2/releases/tag/v1.7.2 |
3893 | - https://ubuntu.com/security/notices/USN-6678-1 |
3894 | - https://www.cve.org/CVERecord?id=CVE-2024-24575 |
3895 | -Description: |
3896 | - libgit2 is a portable C implementation of the Git core methods provided as |
3897 | - a linkable library with a solid API, allowing to build Git functionality |
3898 | - into your application. Using well-crafted inputs to `git_revparse_single` |
3899 | - can cause the function to enter an infinite loop, potentially causing a |
3900 | - Denial of Service attack in the calling application. The revparse function |
3901 | - in `src/libgit2/revparse.c` uses a loop to parse the user-provided spec |
3902 | - string. There is an edge-case during parsing that allows a bad actor to |
3903 | - force the loop conditions to access arbitrary memory. Potentially, this |
3904 | - could also leak memory if the extracted rev spec is reflected back to the |
3905 | - attacker. As such, libgit2 versions before 1.4.0 are not affected. Users |
3906 | - should upgrade to version 1.6.5 or 1.7.2. |
3907 | -Ubuntu-Description: |
3908 | -Notes: |
3909 | -Mitigation: |
3910 | -Bugs: |
3911 | -Priority: medium |
3912 | -Discovered-by: |
3913 | -Assigned-to: fabian |
3914 | -CVSS: |
3915 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH] |
3916 | - |
3917 | - |
3918 | -Patches_libgit2: |
3919 | -upstream_libgit2: needs-triage |
3920 | -trusty_libgit2: ignored (end of standard support) |
3921 | -trusty/esm_libgit2: not-affected |
3922 | -xenial_libgit2: ignored (end of standard support) |
3923 | -esm-apps/xenial_libgit2: not-affected |
3924 | -bionic_libgit2: ignored (end of standard support) |
3925 | -esm-apps/bionic_libgit2: not-affected |
3926 | -focal_libgit2: not-affected |
3927 | -esm-apps/focal_libgit2: not-affected |
3928 | -jammy_libgit2: not-affected |
3929 | -esm-apps/jammy_libgit2: not-affected |
3930 | -mantic_libgit2: released (1.5.1+ds-1ubuntu1.1) |
3931 | -noble_libgit2: not-affected |
3932 | -devel_libgit2: not-affected |
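Review bot: `upstream_libgit2` is left at `needs-triage` and `Patches_libgit2:` is empty, although References already lists the fix commit add2dabb3c16aa49b33904dcdc07cd915efc12fa and the v1.6.5 and v1.7.2 release tags. Move the commit to an `upstream:` patch line and set the upstream status to released with those versions. The bare `not-affected` lines for focal, jammy and the ESM releases would also read better with a reason in parentheses; if it is the point in the Description that versions before 1.4.0 are not affected, say so.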
3933 | diff --git a/active/CVE-2024-2466 b/active/CVE-2024-2466 |
3934 | deleted file mode 100644 |
3935 | index 534bf6a..0000000 |
3936 | --- a/active/CVE-2024-2466 |
3937 | +++ /dev/null |
3938 | @@ -1,36 +0,0 @@ |
3939 | -Candidate: CVE-2024-2466 |
3940 | -PublicDate: 2024-03-27 08:15:00 UTC |
3941 | -CRD: 2024-03-27 07:00:00 UTC |
3942 | -References: |
3943 | - https://curl.se/docs/CVE-2024-2466.html |
3944 | - https://www.cve.org/CVERecord?id=CVE-2024-2466 |
3945 | -Description: |
3946 | - libcurl did not check the server certificate of TLS connections done to a |
3947 | - host specified as an IP address, when built to use mbedTLS. libcurl would |
3948 | - wrongly avoid using the set hostname function when the specified hostname |
3949 | - was given as an IP address, therefore completely skipping the certificate |
3950 | - check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, |
3951 | - SMTPS, etc). |
3952 | -Ubuntu-Description: |
3953 | -Notes: |
3954 | - mdeslaur> Ubuntu package does not use the wolfSSL backend. |
3955 | - mdeslaur> affects curl 8.5.0 to and including 8.6.0 |
3956 | - mdeslaur> introduced in https://github.com/curl/curl/commit/fa714830e92cba7b16b9d3f |
3957 | -Mitigation: |
3958 | -Bugs: |
3959 | -Priority: medium |
3960 | -Discovered-by: Frank Yueh |
3961 | -Assigned-to: |
3962 | -CVSS: |
3963 | - |
3964 | -Patches_curl: |
3965 | - upstream: https://github.com/curl/curl/commit/3d0fd382a29b95561b90b7ea3e7e |
3966 | -upstream_curl: released (8.7.0) |
3967 | -trusty/esm_curl: not-affected (code not compiled) |
3968 | -esm-infra/xenial_curl: not-affected (code not compiled) |
3969 | -esm-infra/bionic_curl: not-affected (code not compiled) |
3970 | -focal_curl: not-affected (code not compiled) |
3971 | -jammy_curl: not-affected (code not compiled) |
3972 | -mantic_curl: not-affected (code not compiled) |
3973 | -noble_curl: not-affected (code not compiled) |
3974 | -devel_curl: not-affected (code not compiled) |
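Review bot: the first Notes line, `mdeslaur> Ubuntu package does not use the wolfSSL backend.`, does not match this CVE. The Description is about libcurl built to use mbedTLS; wolfSSL is the backend in CVE-2024-2379, where the same note appears. If the `not-affected (code not compiled)` statuses rest on the mbedTLS backend not being built in the Ubuntu package, the note should name mbedTLS, otherwise the justification for every release line is unsupported by the entry.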
3975 | diff --git a/active/CVE-2024-24761 b/active/CVE-2024-24761 |
3976 | deleted file mode 100644 |
3977 | index a6000d8..0000000 |
3978 | --- a/active/CVE-2024-24761 |
3979 | +++ /dev/null |
3980 | @@ -1,29 +0,0 @@ |
3981 | -Candidate: CVE-2024-24761 |
3982 | -PublicDate: 2024-03-06 18:15:00 UTC |
3983 | -References: |
3984 | - https://github.com/galette/galette/security/advisories/GHSA-jrqg-mpwv-pxpv |
3985 | - https://github.com/galette/galette/commit/a5c18bb9819b8da1b3ef58f3e79577083c657fbb |
3986 | - https://www.cve.org/CVERecord?id=CVE-2024-24761 |
3987 | -Description: |
3988 | - Galette is a membership management web application for non profit |
3989 | - organizations. Starting in version 1.0.0 and prior to version 1.0.2, public |
3990 | - pages are per default restricted to only administrators and staff members. |
3991 | - From configuration, it is possible to restrict to up-to-date members or to |
3992 | - everyone. Version 1.0.2 fixes this issue. |
3993 | -Ubuntu-Description: |
3994 | -Notes: |
3995 | -Mitigation: |
3996 | -Bugs: |
3997 | -Priority: medium |
3998 | -Discovered-by: |
3999 | -Assigned-to: |
4000 | -CVSS: |
4001 | - |
4002 | -Patches_galette: |
4003 | -upstream_galette: needs-triage |
4004 | -esm-apps/xenial_galette: not-affected (code not present) |
4005 | -focal_galette: DNE |
4006 | -jammy_galette: DNE |
4007 | -mantic_galette: DNE |
4008 | -noble_galette: DNE |
4009 | -devel_galette: DNE |
4010 | diff --git a/active/CVE-2024-24806 b/active/CVE-2024-24806 |
4011 | deleted file mode 100644 |
4012 | index eeca043..0000000 |
4013 | --- a/active/CVE-2024-24806 |
4014 | +++ /dev/null |
4015 | @@ -1,53 +0,0 @@ |
4016 | -PublicDateAtUSN: 2024-02-07 22:15:00 UTC |
4017 | -Candidate: CVE-2024-24806 |
4018 | -PublicDate: 2024-02-07 22:15:00 UTC |
4019 | -References: |
4020 | - https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 |
4021 | - http://www.openwall.com/lists/oss-security/2024/02/08/2 |
4022 | - https://ubuntu.com/security/notices/USN-6666-1 |
4023 | - https://www.cve.org/CVERecord?id=CVE-2024-24806 |
4024 | -Description: |
4025 | - libuv is a multi-platform support library with a focus on asynchronous I/O. |
4026 | - The `uv_getaddrinfo` function in `src/unix/getaddrinfo.c` (and its windows |
4027 | - counterpart `src/win/getaddrinfo.c`), truncates hostnames to 256 characters |
4028 | - before calling `getaddrinfo`. This behavior can be exploited to create |
4029 | - addresses like `0x00007f000001`, which are considered valid by |
4030 | - `getaddrinfo` and could allow an attacker to craft payloads that resolve to |
4031 | - unintended IP addresses, bypassing developer checks. The vulnerability |
4032 | - arises due to how the `hostname_ascii` variable (with a length of 256 |
4033 | - bytes) is handled in `uv_getaddrinfo` and subsequently in |
4034 | - `uv__idna_toascii`. When the hostname exceeds 256 characters, it gets |
4035 | - truncated without a terminating null byte. As a result attackers may be |
4036 | - able to access internal APIs or for websites (similar to MySpace) that |
4037 | - allows users to have `username.example.com` pages. Internal services that |
4038 | - crawl or cache these user pages can be exposed to SSRF attacks if a |
4039 | - malicious user chooses a long vulnerable username. This issue has been |
4040 | - addressed in release version 1.48.0. Users are advised to upgrade. There |
4041 | - are no known workarounds for this vulnerability. |
4042 | -Ubuntu-Description: |
4043 | -Notes: |
4044 | -Mitigation: |
4045 | -Bugs: |
4046 | - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063484 |
4047 | -Priority: medium |
4048 | -Discovered-by: |
4049 | -Assigned-to: |
4050 | -CVSS: |
4051 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L [7.3 HIGH] |
4052 | - |
4053 | - |
4054 | -Patches_libuv1: |
4055 | - upstream: https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629 (v1.48.0) |
4056 | - upstream: https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70 (v1.48.0) |
4057 | - upstream: https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39 (v1.48.0) |
4058 | -upstream_libuv1: needs-triage |
4059 | -trusty_libuv1: DNE |
4060 | -xenial_libuv1: ignored (end of standard support) |
4061 | -esm-apps/xenial_libuv1: not-affected (code not present) |
4062 | -bionic_libuv1: ignored (end of standard support) |
4063 | -esm-infra/bionic_libuv1: not-affected (code not present) |
4064 | -focal_libuv1: released (1.34.2-1ubuntu1.5) |
4065 | -jammy_libuv1: released (1.43.0-1ubuntu0.1) |
4066 | -mantic_libuv1: released (1.44.2-1ubuntu0.1) |
4067 | -noble_libuv1: not-affected (1.48.0-1) |
4068 | -devel_libuv1: not-affected (1.48.0-1) |
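Review bot: `upstream_libuv1: needs-triage` contradicts the rest of this record. All three `Patches_libuv1` commits are tagged (v1.48.0), the Description says the issue is addressed in 1.48.0, and noble/devel are `not-affected (1.48.0-1)`. Suggest `upstream_libuv1: released (1.48.0)` before the file leaves active/.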
4069 | diff --git a/active/CVE-2024-24826 b/active/CVE-2024-24826 |
4070 | deleted file mode 100644 |
4071 | index 266072c..0000000 |
4072 | --- a/active/CVE-2024-24826 |
4073 | +++ /dev/null |
4074 | @@ -1,37 +0,0 @@ |
4075 | -Candidate: CVE-2024-24826 |
4076 | -PublicDate: 2024-02-12 23:15:00 UTC |
4077 | -References: |
4078 | - https://github.com/Exiv2/exiv2/security/advisories/GHSA-g9xm-7538-mq8w |
4079 | - https://github.com/Exiv2/exiv2/pull/2337 |
4080 | - https://www.cve.org/CVERecord?id=CVE-2024-24826 |
4081 | -Description: |
4082 | - Exiv2 is a command-line utility and C++ library for reading, writing, |
4083 | - deleting, and modifying the metadata of image files. An out-of-bounds read |
4084 | - was found in Exiv2 version v0.28.1. The vulnerable function, |
4085 | - `QuickTimeVideo::NikonTagsDecoder`, was new in v0.28.0, so Exiv2 versions |
4086 | - before v0.28 are _not_ affected. The out-of-bounds read is triggered when |
4087 | - Exiv2 is used to read the metadata of a crafted video file. In most cases |
4088 | - this out of bounds read will result in a crash. This bug is fixed in |
4089 | - version v0.28.2. Users are advised to upgrade. There are no known |
4090 | - workarounds for this vulnerability. |
4091 | -Ubuntu-Description: |
4092 | -Notes: |
4093 | -Mitigation: |
4094 | -Bugs: |
4095 | -Priority: medium |
4096 | -Discovered-by: |
4097 | -Assigned-to: |
4098 | -CVSS: |
4099 | - |
4100 | -Patches_exiv2: |
4101 | -upstream_exiv2: released (v0.28.2) |
4102 | -trusty_exiv2: ignored (end of standard support) |
4103 | -xenial_exiv2: ignored (end of standard support) |
4104 | -esm-infra/xenial_exiv2: not-affected |
4105 | -bionic_exiv2: ignored (end of standard support) |
4106 | -esm-infra/bionic_exiv2: not-affected |
4107 | -focal_exiv2: not-affected |
4108 | -jammy_exiv2: not-affected |
4109 | -mantic_exiv2: not-affected (0.27.6-1) |
4110 | -noble_exiv2: not-affected |
4111 | -devel_exiv2: not-affected |
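Review bot: only the mantic line gives a reason for its status (`not-affected (0.27.6-1)`); the esm-infra, focal, jammy, noble and devel lines are bare `not-affected`. The Description says the vulnerable function is new in v0.28.0, so recording the packaged version or `(code not present)` on each line would let a reader verify the status from the record alone.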
4112 | diff --git a/active/CVE-2024-24989 b/active/CVE-2024-24989 |
4113 | deleted file mode 100644 |
4114 | index b651bd1..0000000 |
4115 | --- a/active/CVE-2024-24989 |
4116 | +++ /dev/null |
4117 | @@ -1,39 +0,0 @@ |
4118 | -Candidate: CVE-2024-24989 |
4119 | -PublicDate: 2024-02-14 17:15:00 UTC |
4120 | -References: |
4121 | - https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html |
4122 | - https://www.cve.org/CVERecord?id=CVE-2024-24989 |
4123 | -Description: |
4124 | - When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, |
4125 | - undisclosed requests can cause NGINX worker processes to terminate. Note: |
4126 | - The HTTP/3 QUIC module is not enabled by default and is considered |
4127 | - experimental. For more information, refer to Support for QUIC and HTTP/3 |
4128 | - https://nginx.org/en/docs/quic.html . NOTE: Software versions which have |
4129 | - reached End of Technical Support (EoTS) are not evaluated |
4130 | -Ubuntu-Description: |
4131 | -Notes: |
4132 | - mdeslaur> only when built with ngx_http_v3_module |
4133 | - mdeslaur> introduced in 1.25.0+ |
4134 | -Mitigation: |
4135 | -Bugs: |
4136 | -Priority: medium |
4137 | -Discovered-by: |
4138 | -Assigned-to: |
4139 | -CVSS: |
4140 | - |
4141 | -Patches_nginx: |
4142 | - upstream: https://github.com/nginx/nginx/commit/ed47f72a85fb6279e2ba5d431f64ea4db695cf4e (maybe?) |
4143 | - upstream: https://github.com/nginx/nginx/commit/5902baf680609f884a1e11ff2b82a0bffb3724cc |
4144 | - upstream: https://github.com/nginx/nginx/commit/5818f8a6693b3c0d95021f2ee58b69dcf848911c |
4145 | -upstream_nginx: released (1.25.4) |
4146 | -trusty_nginx: ignored (end of standard support) |
4147 | -trusty/esm_nginx: not-affected (code not present) |
4148 | -xenial_nginx: ignored (end of standard support) |
4149 | -esm-infra/xenial_nginx: not-affected (code not present) |
4150 | -bionic_nginx: ignored (end of standard support) |
4151 | -esm-infra/bionic_nginx: not-affected (code not present) |
4152 | -focal_nginx: not-affected (code not present) |
4153 | -jammy_nginx: not-affected (code not present) |
4154 | -mantic_nginx: not-affected (code not present) |
4155 | -noble_nginx: not-affected (code not present) |
4156 | -devel_nginx: not-affected (code not present) |
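Review bot: the first `Patches_nginx` entry still carries the `(maybe?)` annotation. With `upstream_nginx: released (1.25.4)` and every release marked `not-affected (code not present)`, the record is being closed out while one of its three listed fix commits is unconfirmed. Either confirm the commit and drop the marker, or remove the line.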
4157 | diff --git a/active/CVE-2024-24990 b/active/CVE-2024-24990 |
4158 | deleted file mode 100644 |
4159 | index 3aa5be4..0000000 |
4160 | --- a/active/CVE-2024-24990 |
4161 | +++ /dev/null |
4162 | @@ -1,39 +0,0 @@ |
4163 | -Candidate: CVE-2024-24990 |
4164 | -PublicDate: 2024-02-14 17:15:00 UTC |
4165 | -References: |
4166 | - https://mailman.nginx.org/pipermail/nginx-announce/2024/NW6MNW34VZ6HDIHH5YFBIJYZJN7FGNAV.html |
4167 | - https://www.cve.org/CVERecord?id=CVE-2024-24990 |
4168 | -Description: |
4169 | - When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, |
4170 | - undisclosed requests can cause NGINX worker processes to terminate. Note: |
4171 | - The HTTP/3 QUIC module is not enabled by default and is considered |
4172 | - experimental. For more information, refer to Support for QUIC and HTTP/3 |
4173 | - https://nginx.org/en/docs/quic.html . Note: Software versions which have |
4174 | - reached End of Technical Support (EoTS) are not evaluated |
4175 | -Ubuntu-Description: |
4176 | -Notes: |
4177 | - mdeslaur> only when built with ngx_http_v3_module |
4178 | - mdeslaur> introduced in 1.25.0+ |
4179 | -Mitigation: |
4180 | -Bugs: |
4181 | -Priority: medium |
4182 | -Discovered-by: |
4183 | -Assigned-to: |
4184 | -CVSS: |
4185 | - |
4186 | -Patches_nginx: |
4187 | - upstream: https://github.com/nginx/nginx/commit/ed47f72a85fb6279e2ba5d431f64ea4db695cf4e (maybe?) |
4188 | - upstream: https://github.com/nginx/nginx/commit/5902baf680609f884a1e11ff2b82a0bffb3724cc |
4189 | - upstream: https://github.com/nginx/nginx/commit/5818f8a6693b3c0d95021f2ee58b69dcf848911c |
4190 | -upstream_nginx: released (1.25.4) |
4191 | -trusty_nginx: ignored (end of standard support) |
4192 | -trusty/esm_nginx: not-affected (code not present) |
4193 | -xenial_nginx: ignored (end of standard support) |
4194 | -esm-infra/xenial_nginx: not-affected (code not present) |
4195 | -bionic_nginx: ignored (end of standard support) |
4196 | -esm-infra/bionic_nginx: not-affected (code not present) |
4197 | -focal_nginx: not-affected (code not present) |
4198 | -jammy_nginx: not-affected (code not present) |
4199 | -mantic_nginx: not-affected (code not present) |
4200 | -noble_nginx: not-affected (code not present) |
4201 | -devel_nginx: not-affected (code not present) |
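Review bot: `Patches_nginx` here lists the same three commits, including the `(maybe?)` one, as CVE-2024-24989, and the two Descriptions differ only in the capitalisation of "Note". Nothing in the record says which commit addresses which CVE. A short `Notes:` line stating that the fixes are shared, or assigning them, would show the duplication is intentional.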
4202 | diff --git a/active/CVE-2024-25112 b/active/CVE-2024-25112 |
4203 | deleted file mode 100644 |
4204 | index 84bb3d9..0000000 |
4205 | --- a/active/CVE-2024-25112 |
4206 | +++ /dev/null |
4207 | @@ -1,37 +0,0 @@ |
4208 | -Candidate: CVE-2024-25112 |
4209 | -PublicDate: 2024-02-12 23:15:00 UTC |
4210 | -References: |
4211 | - https://github.com/Exiv2/exiv2/security/advisories/GHSA-crmj-qh74-2r36 |
4212 | - https://github.com/Exiv2/exiv2/pull/2337 |
4213 | - https://www.cve.org/CVERecord?id=CVE-2024-25112 |
4214 | -Description: |
4215 | - Exiv2 is a command-line utility and C++ library for reading, writing, |
4216 | - deleting, and modifying the metadata of image files. A denial-of-service |
4217 | - was found in Exiv2 version v0.28.1: an unbounded recursion can cause Exiv2 |
4218 | - to crash by exhausting the stack. The vulnerable function, |
4219 | - `QuickTimeVideo::multipleEntriesDecoder`, was new in v0.28.0, so Exiv2 |
4220 | - versions before v0.28 are _not_ affected. The denial-of-service is |
4221 | - triggered when Exiv2 is used to read the metadata of a crafted video file. |
4222 | - This bug is fixed in version v0.28.2. Users are advised to upgrade. There |
4223 | - are no known workarounds for this vulnerability. |
4224 | -Ubuntu-Description: |
4225 | -Notes: |
4226 | -Mitigation: |
4227 | -Bugs: |
4228 | -Priority: medium |
4229 | -Discovered-by: |
4230 | -Assigned-to: |
4231 | -CVSS: |
4232 | - |
4233 | -Patches_exiv2: |
4234 | -upstream_exiv2: released (v0.28.2) |
4235 | -trusty_exiv2: ignored (end of standard support) |
4236 | -xenial_exiv2: ignored (end of standard support) |
4237 | -esm-infra/xenial_exiv2: not-affected |
4238 | -bionic_exiv2: ignored (end of standard support) |
4239 | -esm-infra/bionic_exiv2: not-affected |
4240 | -focal_exiv2: not-affected |
4241 | -jammy_exiv2: not-affected |
4242 | -mantic_exiv2: not-affected (0.27.6-1) |
4243 | -noble_exiv2: not-affected |
4244 | -devel_exiv2: not-affected |
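Review bot: `Patches_exiv2:` is empty although the References list https://github.com/Exiv2/exiv2/pull/2337 and `upstream_exiv2` is `released (v0.28.2)`. Listing the fix as an `upstream:` entry under `Patches_exiv2:` would match how the libuv1 record in this diff tracks its fix commits.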
4245 | diff --git a/active/CVE-2024-2625 b/active/CVE-2024-2625 |
4246 | deleted file mode 100644 |
4247 | index 2c545c9..0000000 |
4248 | --- a/active/CVE-2024-2625 |
4249 | +++ /dev/null |
4250 | @@ -1,31 +0,0 @@ |
4251 | -Candidate: CVE-2024-2625 |
4252 | -PublicDate: 2024-03-20 17:15:00 UTC |
4253 | -References: |
4254 | - https://www.cve.org/CVERecord?id=CVE-2024-2625 |
4255 | -Description: |
4256 | - Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 |
4257 | - allowed a remote attacker to potentially exploit object corruption via a |
4258 | - crafted HTML page. (Chromium security severity: High) |
4259 | -Ubuntu-Description: |
4260 | -Notes: |
4261 | - alexmurray> The Debian chromium source package is called chromium-browser |
4262 | - alexmurray> in Ubuntu |
4263 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4264 | - mdeslaur> a script that installs the Chromium snap |
4265 | -Mitigation: |
4266 | -Bugs: |
4267 | -Priority: medium |
4268 | -Discovered-by: |
4269 | -Assigned-to: |
4270 | -CVSS: |
4271 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
4272 | - |
4273 | - |
4274 | -Patches_chromium-browser: |
4275 | -upstream_chromium-browser: released |
4276 | -focal_chromium-browser: not-affected (code not present) |
4277 | -jammy_chromium-browser: not-affected (code not present) |
4278 | -mantic_chromium-browser: not-affected (code not present) |
4279 | -noble_chromium-browser: not-affected (code not present) |
4280 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4281 | -devel_chromium-browser: not-affected (code not present) |
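Review bot: `upstream_chromium-browser: released` carries no version, while the Description gives the fixed version as 123.0.6312.58. Suggest `released (123.0.6312.58)` so the upstream status can be checked from the record itself. The same applies to the chromium-browser records for CVE-2024-2626 through CVE-2024-2631 in this diff.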
4282 | diff --git a/active/CVE-2024-2626 b/active/CVE-2024-2626 |
4283 | deleted file mode 100644 |
4284 | index 48a6876..0000000 |
4285 | --- a/active/CVE-2024-2626 |
4286 | +++ /dev/null |
4287 | @@ -1,31 +0,0 @@ |
4288 | -Candidate: CVE-2024-2626 |
4289 | -PublicDate: 2024-03-20 17:15:00 UTC |
4290 | -References: |
4291 | - https://www.cve.org/CVERecord?id=CVE-2024-2626 |
4292 | -Description: |
4293 | - Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 |
4294 | - allowed a remote attacker to perform out of bounds memory access via a |
4295 | - crafted HTML page. (Chromium security severity: Medium) |
4296 | -Ubuntu-Description: |
4297 | -Notes: |
4298 | - alexmurray> The Debian chromium source package is called chromium-browser |
4299 | - alexmurray> in Ubuntu |
4300 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4301 | - mdeslaur> a script that installs the Chromium snap |
4302 | -Mitigation: |
4303 | -Bugs: |
4304 | -Priority: medium |
4305 | -Discovered-by: |
4306 | -Assigned-to: |
4307 | -CVSS: |
4308 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N [6.5 MEDIUM] |
4309 | - |
4310 | - |
4311 | -Patches_chromium-browser: |
4312 | -upstream_chromium-browser: released |
4313 | -focal_chromium-browser: not-affected (code not present) |
4314 | -jammy_chromium-browser: not-affected (code not present) |
4315 | -mantic_chromium-browser: not-affected (code not present) |
4316 | -noble_chromium-browser: not-affected (code not present) |
4317 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4318 | -devel_chromium-browser: not-affected (code not present) |
4319 | diff --git a/active/CVE-2024-2627 b/active/CVE-2024-2627 |
4320 | deleted file mode 100644 |
4321 | index 705d601..0000000 |
4322 | --- a/active/CVE-2024-2627 |
4323 | +++ /dev/null |
4324 | @@ -1,31 +0,0 @@ |
4325 | -Candidate: CVE-2024-2627 |
4326 | -PublicDate: 2024-03-20 17:15:00 UTC |
4327 | -References: |
4328 | - https://www.cve.org/CVERecord?id=CVE-2024-2627 |
4329 | -Description: |
4330 | - Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a |
4331 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
4332 | - page. (Chromium security severity: Medium) |
4333 | -Ubuntu-Description: |
4334 | -Notes: |
4335 | - alexmurray> The Debian chromium source package is called chromium-browser |
4336 | - alexmurray> in Ubuntu |
4337 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4338 | - mdeslaur> a script that installs the Chromium snap |
4339 | -Mitigation: |
4340 | -Bugs: |
4341 | -Priority: medium |
4342 | -Discovered-by: |
4343 | -Assigned-to: |
4344 | -CVSS: |
4345 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH] |
4346 | - |
4347 | - |
4348 | -Patches_chromium-browser: |
4349 | -upstream_chromium-browser: released |
4350 | -focal_chromium-browser: not-affected (code not present) |
4351 | -jammy_chromium-browser: not-affected (code not present) |
4352 | -mantic_chromium-browser: not-affected (code not present) |
4353 | -noble_chromium-browser: not-affected (code not present) |
4354 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4355 | -devel_chromium-browser: not-affected (code not present) |
4356 | diff --git a/active/CVE-2024-2628 b/active/CVE-2024-2628 |
4357 | deleted file mode 100644 |
4358 | index 5cf9d33..0000000 |
4359 | --- a/active/CVE-2024-2628 |
4360 | +++ /dev/null |
4361 | @@ -1,31 +0,0 @@ |
4362 | -Candidate: CVE-2024-2628 |
4363 | -PublicDate: 2024-03-20 17:15:00 UTC |
4364 | -References: |
4365 | - https://www.cve.org/CVERecord?id=CVE-2024-2628 |
4366 | -Description: |
4367 | - Inappropriate implementation in Downloads in Google Chrome prior to |
4368 | - 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a |
4369 | - crafted URL. (Chromium security severity: Medium) |
4370 | -Ubuntu-Description: |
4371 | -Notes: |
4372 | - alexmurray> The Debian chromium source package is called chromium-browser |
4373 | - alexmurray> in Ubuntu |
4374 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4375 | - mdeslaur> a script that installs the Chromium snap |
4376 | -Mitigation: |
4377 | -Bugs: |
4378 | -Priority: medium |
4379 | -Discovered-by: |
4380 | -Assigned-to: |
4381 | -CVSS: |
4382 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N [4.3 MEDIUM] |
4383 | - |
4384 | - |
4385 | -Patches_chromium-browser: |
4386 | -upstream_chromium-browser: released |
4387 | -focal_chromium-browser: not-affected (code not present) |
4388 | -jammy_chromium-browser: not-affected (code not present) |
4389 | -mantic_chromium-browser: not-affected (code not present) |
4390 | -noble_chromium-browser: not-affected (code not present) |
4391 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4392 | -devel_chromium-browser: not-affected (code not present) |
4393 | diff --git a/active/CVE-2024-2629 b/active/CVE-2024-2629 |
4394 | deleted file mode 100644 |
4395 | index 5587c83..0000000 |
4396 | --- a/active/CVE-2024-2629 |
4397 | +++ /dev/null |
4398 | @@ -1,31 +0,0 @@ |
4399 | -Candidate: CVE-2024-2629 |
4400 | -PublicDate: 2024-03-20 17:15:00 UTC |
4401 | -References: |
4402 | - https://www.cve.org/CVERecord?id=CVE-2024-2629 |
4403 | -Description: |
4404 | - Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 |
4405 | - allowed a remote attacker to perform UI spoofing via a crafted HTML page. |
4406 | - (Chromium security severity: Medium) |
4407 | -Ubuntu-Description: |
4408 | -Notes: |
4409 | - alexmurray> The Debian chromium source package is called chromium-browser |
4410 | - alexmurray> in Ubuntu |
4411 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4412 | - mdeslaur> a script that installs the Chromium snap |
4413 | -Mitigation: |
4414 | -Bugs: |
4415 | -Priority: medium |
4416 | -Discovered-by: |
4417 | -Assigned-to: |
4418 | -CVSS: |
4419 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N [4.3 MEDIUM] |
4420 | - |
4421 | - |
4422 | -Patches_chromium-browser: |
4423 | -upstream_chromium-browser: released |
4424 | -focal_chromium-browser: not-affected (code not present) |
4425 | -jammy_chromium-browser: not-affected (code not present) |
4426 | -mantic_chromium-browser: not-affected (code not present) |
4427 | -noble_chromium-browser: not-affected (code not present) |
4428 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4429 | -devel_chromium-browser: not-affected (code not present) |
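Review bot: the Description places this bug "in iOS in Google Chrome", but the `Notes:` carry only the generic chromium-browser and snap remarks. A note that the issue is iOS-specific would justify the `not-affected (code not present)` statuses directly; the snap explanation describes packaging, not whether the affected code exists. The same applies to CVE-2024-2630 and CVE-2024-2631.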
4430 | diff --git a/active/CVE-2024-2630 b/active/CVE-2024-2630 |
4431 | deleted file mode 100644 |
4432 | index b732685..0000000 |
4433 | --- a/active/CVE-2024-2630 |
4434 | +++ /dev/null |
4435 | @@ -1,31 +0,0 @@ |
4436 | -Candidate: CVE-2024-2630 |
4437 | -PublicDate: 2024-03-20 17:15:00 UTC |
4438 | -References: |
4439 | - https://www.cve.org/CVERecord?id=CVE-2024-2630 |
4440 | -Description: |
4441 | - Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 |
4442 | - allowed a remote attacker to leak cross-origin data via a crafted HTML |
4443 | - page. (Chromium security severity: Medium) |
4444 | -Ubuntu-Description: |
4445 | -Notes: |
4446 | - alexmurray> The Debian chromium source package is called chromium-browser |
4447 | - alexmurray> in Ubuntu |
4448 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4449 | - mdeslaur> a script that installs the Chromium snap |
4450 | -Mitigation: |
4451 | -Bugs: |
4452 | -Priority: medium |
4453 | -Discovered-by: |
4454 | -Assigned-to: |
4455 | -CVSS: |
4456 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N [6.5 MEDIUM] |
4457 | - |
4458 | - |
4459 | -Patches_chromium-browser: |
4460 | -upstream_chromium-browser: released |
4461 | -focal_chromium-browser: not-affected (code not present) |
4462 | -jammy_chromium-browser: not-affected (code not present) |
4463 | -mantic_chromium-browser: not-affected (code not present) |
4464 | -noble_chromium-browser: not-affected (code not present) |
4465 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4466 | -devel_chromium-browser: not-affected (code not present) |
4467 | diff --git a/active/CVE-2024-2631 b/active/CVE-2024-2631 |
4468 | deleted file mode 100644 |
4469 | index f4acd57..0000000 |
4470 | --- a/active/CVE-2024-2631 |
4471 | +++ /dev/null |
4472 | @@ -1,31 +0,0 @@ |
4473 | -Candidate: CVE-2024-2631 |
4474 | -PublicDate: 2024-03-20 17:15:00 UTC |
4475 | -References: |
4476 | - https://www.cve.org/CVERecord?id=CVE-2024-2631 |
4477 | -Description: |
4478 | - Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 |
4479 | - allowed a remote attacker to perform UI spoofing via a crafted HTML page. |
4480 | - (Chromium security severity: Low) |
4481 | -Ubuntu-Description: |
4482 | -Notes: |
4483 | - alexmurray> The Debian chromium source package is called chromium-browser |
4484 | - alexmurray> in Ubuntu |
4485 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4486 | - mdeslaur> a script that installs the Chromium snap |
4487 | -Mitigation: |
4488 | -Bugs: |
4489 | -Priority: medium |
4490 | -Discovered-by: |
4491 | -Assigned-to: |
4492 | -CVSS: |
4493 | - nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N [4.3 MEDIUM] |
4494 | - |
4495 | - |
4496 | -Patches_chromium-browser: |
4497 | -upstream_chromium-browser: released |
4498 | -focal_chromium-browser: not-affected (code not present) |
4499 | -jammy_chromium-browser: not-affected (code not present) |
4500 | -mantic_chromium-browser: not-affected (code not present) |
4501 | -noble_chromium-browser: not-affected (code not present) |
4502 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4503 | -devel_chromium-browser: not-affected (code not present) |
4504 | diff --git a/active/CVE-2024-27285 b/active/CVE-2024-27285 |
4505 | deleted file mode 100644 |
4506 | index dff6794..0000000 |
4507 | --- a/active/CVE-2024-27285 |
4508 | +++ /dev/null |
4509 | @@ -1,42 +0,0 @@ |
4510 | -PublicDateAtUSN: 2024-02-29 |
4511 | -Candidate: CVE-2024-27285 |
4512 | -PublicDate: 2024-02-28 20:15:00 UTC |
4513 | -References: |
4514 | - https://github.com/lsegal/yard/security/advisories/GHSA-8mq4-9jjh-9xrc |
4515 | - https://github.com/lsegal/yard/commit/d78fc393d603c4fc35975969296ed381146a29d4 (v0.9.35) |
4516 | - https://github.com/lsegal/yard/commit/c88406e4b78f8dd4ba38c79eea0bcec716dbbef8 (v0.9.36) |
4517 | - https://github.com/lsegal/yard/commit/2a0b9990b64ceeeb0456177c593e36e204a06df1 (v0.9.36) |
4518 | - https://github.com/lsegal/yard/commit/a831a596b2a7cabdd2e17855dd179af2ebf3d559 (v0.9.36) |
4519 | - https://github.com/lsegal/yard/commit/2069e2bf08293bda2fcc78f7d0698af6354054be |
4520 | - https://www.cve.org/CVERecord?id=CVE-2024-27285 |
4521 | - https://ubuntu.com/security/notices/USN-6731-1 |
4522 | -Description: |
4523 | - YARD is a Ruby Documentation tool. The "frames.html" file within the Yard |
4524 | - Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) |
4525 | - attacks due to inadequate sanitization of user input within the JavaScript |
4526 | - segment of the "frames.erb" template file. This vulnerability is fixed in |
4527 | - 0.9.36. |
4528 | -Ubuntu-Description: |
4529 | -Notes: |
4530 | -Mitigation: |
4531 | -Bugs: |
4532 | -Priority: medium |
4533 | -Discovered-by: Aviv Keller |
4534 | -Assigned-to: |
4535 | -CVSS: |
4536 | - |
4537 | -Patches_yard: |
4538 | -upstream_yard: released (0.9.36) |
4539 | -trusty_yard: ignored (end of standard support) |
4540 | -xenial_yard: ignored (end of standard support) |
4541 | -esm-apps/xenial_yard: released (0.8.7.6+git20160220-3ubuntu0.1~esm1) |
4542 | -bionic_yard: ignored (end of standard support) |
4543 | -esm-apps/bionic_yard: released (0.9.12-2ubuntu0.1~esm1) |
4544 | -focal_yard: released (0.9.24-1+deb11u1build0.20.04.1) |
4545 | -esm-apps/focal_yard: not-affected (0.9.24-1+deb11u1build0.20.04.1) |
4546 | -jammy_yard: released (0.9.26-1ubuntu0.1) |
4547 | -esm-apps/jammy_yard: not-affected (0.9.26-1ubuntu0.1) |
4548 | -mantic_yard: released (0.9.28-2ubuntu0.1) |
4549 | -noble_yard: not-affected (0.9.36-1) |
4550 | -esm-apps/noble_yard: not-affected (0.9.36-1) |
4551 | -devel_yard: not-affected (0.9.36-1) |
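Review bot: the five fix commits are listed under `References:` with their version tags, and `Patches_yard:` is empty. Moving them to `upstream:` entries under `Patches_yard:` would match the layout used for libuv1 and nginx in this diff. The last commit (2069e2bf...) also has no version tag, unlike the other four, so it is unclear which release it belongs to.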
4552 | diff --git a/active/CVE-2024-27308 b/active/CVE-2024-27308 |
4553 | deleted file mode 100644 |
4554 | index 69b02b9..0000000 |
4555 | --- a/active/CVE-2024-27308 |
4556 | +++ /dev/null |
4557 | @@ -1,55 +0,0 @@ |
4558 | -Candidate: CVE-2024-27308 |
4559 | -PublicDate: 2024-03-06 20:15:00 UTC |
4560 | -References: |
4561 | - https://rustsec.org/advisories/RUSTSEC-2024-0019.html |
4562 | - https://github.com/tokio-rs/mio/security/advisories/GHSA-r8w9-5wcg-vfj7 |
4563 | - https://github.com/tokio-rs/tokio/issues/6369 |
4564 | - https://github.com/tokio-rs/mio/pull/1760 |
4565 | - https://github.com/tokio-rs/mio/commit/90d4fe00df870acd3d38f3dc4face9aacab8fbb9 |
4566 | - https://www.cve.org/CVERecord?id=CVE-2024-27308 |
4567 | -Description: |
4568 | - Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio |
4569 | - will under some circumstances return invalid tokens that correspond to |
4570 | - named pipes that have already been deregistered from the mio registry. The |
4571 | - impact of this vulnerability depends on how mio is used. For some |
4572 | - applications, invalid tokens may be ignored or cause a warning or a crash. |
4573 | - On the other hand, for applications that store pointers in the tokens, this |
4574 | - vulnerability may result in a use-after-free. For users of Tokio, this |
4575 | - vulnerability is serious and can result in a use-after-free in Tokio. The |
4576 | - vulnerability is Windows-specific, and can only happen if you are using |
4577 | - named pipes. Other IO resources are not affected. This vulnerability has |
4578 | - been fixed in mio v0.8.11. All versions of mio between v0.7.2 and v0.8.10 |
4579 | - are vulnerable. Tokio is vulnerable when you are using a vulnerable version |
4580 | - of mio AND you are using at least Tokio v1.30.0. Versions of Tokio prior to |
4581 | - v1.30.0 will ignore invalid tokens, so they are not vulnerable. Vulnerable |
4582 | - libraries that use mio can work around this issue by detecting and ignoring |
4583 | - invalid tokens. |
4584 | -Ubuntu-Description: |
4585 | -Notes: |
4586 | -Mitigation: |
4587 | -Bugs: |
4588 | -Priority: medium |
4589 | -Discovered-by: |
4590 | -Assigned-to: |
4591 | -CVSS: |
4592 | - |
4593 | -Patches_rust-mio: |
4594 | -upstream_rust-mio: not-affected (debian: Windows-specific) |
4595 | -focal_rust-mio: not-affected (Windows only) |
4596 | -esm-apps/focal_rust-mio: not-affected (Windows only) |
4597 | -jammy_rust-mio: not-affected (Windows only) |
4598 | -esm-apps/jammy_rust-mio: not-affected (Windows only) |
4599 | -mantic_rust-mio: not-affected (Windows only) |
4600 | -noble_rust-mio: not-affected (Windows only) |
4601 | -esm-apps/noble_rust-mio: not-affected (Windows only) |
4602 | -devel_rust-mio: not-affected (Windows only) |
4603 | - |
4604 | -Patches_rust-mio-0.6: |
4605 | -upstream_rust-mio-0.6: not-affected (debian: Vulnerable code not present) |
4606 | -focal_rust-mio-0.6: DNE |
4607 | -jammy_rust-mio-0.6: not-affected (code not present) |
4608 | -esm-apps/jammy_rust-mio-0.6: not-affected (code not present) |
4609 | -mantic_rust-mio-0.6: not-affected (code not present) |
4610 | -noble_rust-mio-0.6: not-affected (code not present) |
4611 | -esm-apps/noble_rust-mio-0.6: not-affected (code not present) |
4612 | -devel_rust-mio-0.6: not-affected (code not present) |
4613 | diff --git a/active/CVE-2024-27456 b/active/CVE-2024-27456 |
4614 | deleted file mode 100644 |
4615 | index 33ab5ee..0000000 |
4616 | --- a/active/CVE-2024-27456 |
4617 | +++ /dev/null |
4618 | @@ -1,35 +0,0 @@ |
4619 | -Candidate: CVE-2024-27456 |
4620 | -PublicDate: 2024-02-26 16:28:00 UTC |
4621 | -References: |
4622 | - https://github.com/cyu/rack-cors/issues/274 |
4623 | - https://www.cve.org/CVERecord?id=CVE-2024-27456 |
4624 | -Description: |
4625 | - rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb |
4626 | - files. |
4627 | -Ubuntu-Description: |
4628 | -Notes: |
4629 | - alexmurray> Only affects the rack-cors gem, not the ruby-rack-cors package |
4630 | - as shipped in Ubuntu |
4631 | -Mitigation: |
4632 | -Bugs: |
4633 | - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064862 |
4634 | -Priority: negligible |
4635 | -Discovered-by: |
4636 | -Assigned-to: |
4637 | -CVSS: |
4638 | - |
4639 | -Patches_ruby-rack-cors: |
4640 | -upstream_ruby-rack-cors: not-affected |
4641 | -trusty_ruby-rack-cors: ignored (end of standard support) |
4642 | -xenial_ruby-rack-cors: ignored (end of standard support) |
4643 | -esm-apps/xenial_ruby-rack-cors: not-affected |
4644 | -bionic_ruby-rack-cors: ignored (end of standard support) |
4645 | -esm-apps/bionic_ruby-rack-cors: not-affected |
4646 | -focal_ruby-rack-cors: not-affected |
4647 | -esm-apps/focal_ruby-rack-cors: not-affected |
4648 | -jammy_ruby-rack-cors: not-affected |
4649 | -esm-apps/jammy_ruby-rack-cors: not-affected |
4650 | -mantic_ruby-rack-cors: not-affected |
4651 | -noble_ruby-rack-cors: not-affected |
4652 | -esm-apps/noble_ruby-rack-cors: not-affected |
4653 | -devel_ruby-rack-cors: not-affected |
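Review bot: the second line of the `alexmurray>` note ("as shipped in Ubuntu") does not repeat the `alexmurray>` prefix, unlike the multi-line notes in the chromium-browser records in this diff, where every continuation line carries the author prefix. Adding the prefix keeps the continuation attributed consistently.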
4654 | diff --git a/active/CVE-2024-27508 b/active/CVE-2024-27508 |
4655 | deleted file mode 100644 |
4656 | index 118d32e..0000000 |
4657 | --- a/active/CVE-2024-27508 |
4658 | +++ /dev/null |
4659 | @@ -1,34 +0,0 @@ |
4660 | -Candidate: CVE-2024-27508 |
4661 | -PublicDate: 2024-02-27 16:15:00 UTC |
4662 | -References: |
4663 | - https://github.com/LuMingYinDetect/Atheme_defects/blob/main/Atheme_detect_1.md |
4664 | - https://www.cve.org/CVERecord?id=CVE-2024-27508 |
4665 | -Description: |
4666 | - Atheme 7.2.12 contains a memory leak vulnerability in |
4667 | - /atheme/src/crypto-benchmark/main.c. |
4668 | -Ubuntu-Description: |
4669 | -Notes: |
4670 | - alexmurray> atheme-services in Ubuntu does not contain the affected |
4671 | - crypto-benchmark |
4672 | -Mitigation: |
4673 | -Bugs: |
4674 | -Priority: medium |
4675 | -Discovered-by: |
4676 | -Assigned-to: |
4677 | -CVSS: |
4678 | - |
4679 | -Patches_atheme-services: |
4680 | -upstream_atheme-services: not-affected (code not present) |
4681 | -trusty_atheme-services: ignored (end of standard support) |
4682 | -xenial_atheme-services: ignored (end of standard support) |
4683 | -esm-apps/xenial_atheme-services: not-affected (code not present) |
4684 | -bionic_atheme-services: ignored (end of standard support) |
4685 | -esm-apps/bionic_atheme-services: not-affected (code not present) |
4686 | -focal_atheme-services: not-affected (code not present) |
4687 | -esm-apps/focal_atheme-services: not-affected (code not present) |
4688 | -jammy_atheme-services: not-affected (code not present) |
4689 | -esm-apps/jammy_atheme-services: not-affected (code not present) |
4690 | -mantic_atheme-services: not-affected (code not present) |
4691 | -noble_atheme-services: not-affected (code not present) |
4692 | -esm-apps/noble_atheme-services: not-affected (code not present) |
4693 | -devel_atheme-services: not-affected (code not present) |
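Review bot: `upstream_atheme-services: not-affected (code not present)` conflicts with the Description, which locates the leak in upstream Atheme 7.2.12 at /atheme/src/crypto-benchmark/main.c. The alexmurray note says it is the Ubuntu package that lacks crypto-benchmark, so the reason fits the per-release lines but not the upstream line. The upstream status should reflect upstream's state rather than the package contents.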
4694 | diff --git a/active/CVE-2024-2757 b/active/CVE-2024-2757 |
4695 | deleted file mode 100644 |
4696 | index 1a7e9b6..0000000 |
4697 | --- a/active/CVE-2024-2757 |
4698 | +++ /dev/null |
4699 | @@ -1,86 +0,0 @@ |
4700 | -Candidate: CVE-2024-2757 |
4701 | -PublicDate: 2024-04-16 |
4702 | -References: |
4703 | - https://www.cve.org/CVERecord?id=CVE-2024-2757 |
4704 | - https://github.com/php/php-src/security/advisories/GHSA-fjp9-9hwx-59fq |
4705 | -Description: |
4706 | - mb_encode_mimeheader runs endlessly for some inputs |
4707 | -Ubuntu-Description: |
4708 | -Notes: |
4709 | - leosilva> version in noble is not affected see (LP: #2061147) |
4710 | - leosilva> only affects 8.3 |
4711 | -Mitigation: |
4712 | -Bugs: |
4713 | -Priority: medium |
4714 | -Discovered-by: leosilva |
4715 | -Assigned-to: |
4716 | -CVSS: |
4717 | - |
4718 | -Patches_php5: |
4719 | -upstream_php5: not-affected |
4720 | -trusty/esm_php5: not-affected |
4721 | -focal_php5: DNE |
4722 | -jammy_php5: DNE |
4723 | -mantic_php5: DNE |
4724 | -noble_php5: DNE |
4725 | -devel_php5: DNE |
4726 | - |
4727 | -Patches_php7.0: |
4728 | -upstream_php7.0: not-affected |
4729 | -esm-infra/xenial_php7.0: not-affected |
4730 | -focal_php7.0: DNE |
4731 | -jammy_php7.0: DNE |
4732 | -mantic_php7.0: DNE |
4733 | -noble_php7.0: DNE |
4734 | -devel_php7.0: DNE |
4735 | - |
4736 | -Patches_php7.2: |
4737 | -upstream_php7.2: not-affected |
4738 | -esm-infra/bionic_php7.2: not-affected |
4739 | -focal_php7.2: DNE |
4740 | -jammy_php7.2: DNE |
4741 | -mantic_php7.2: DNE |
4742 | -noble_php7.2: DNE |
4743 | -devel_php7.2: DNE |
4744 | - |
4745 | -Patches_php7.4: |
4746 | -upstream_php7.4: not-affected |
4747 | -focal_php7.4: not-affected |
4748 | -jammy_php7.4: DNE |
4749 | -mantic_php7.4: DNE |
4750 | -noble_php7.4: DNE |
4751 | -devel_php7.4: DNE |
4752 | - |
4753 | -Patches_php8.1: |
4754 | -upstream_php8.1: not-affected |
4755 | -focal_php8.1: DNE |
4756 | -jammy_php8.1: not-affected |
4757 | -mantic_php8.1: DNE |
4758 | -noble_php8.1: DNE |
4759 | -devel_php8.1: DNE |
4760 | - |
4761 | -Patches_php8.2: |
4762 | -upstream_php8.2: not-affected |
4763 | -trusty_php8.2: DNE |
4764 | -trusty/esm_php8.2: DNE |
4765 | -xenial_php8.2: DNE |
4766 | -bionic_php8.2: DNE |
4767 | -focal_php8.2: DNE |
4768 | -jammy_php8.2: DNE |
4769 | -mantic_php8.2: not-affected |
4770 | -noble_php8.2: DNE |
4771 | -devel_php8.2: DNE |
4772 | - |
4773 | -Patches_php8.3: |
4774 | - upstream: https://github.com/php/php-src/commit/3394efc63e52a017995f92d8da4ef28224247bb3 |
4775 | -upstream_php8.3: released (8.3.6) |
4776 | -trusty_php8.3: DNE |
4777 | -trusty/esm_php8.3: DNE |
4778 | -xenial_php8.3: DNE |
4779 | -bionic_php8.3: DNE |
4780 | -focal_php8.3: DNE |
4781 | -jammy_php8.3: DNE |
4782 | -mantic_php8.3: DNE |
4783 | -noble_php8.3: released (8.3.6-0maysync1) |
4784 | -devel_php8.3: released (8.3.6-0maysync1) |
4785 | - |
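Review bot: the Notes line `leosilva> version in noble is not affected see (LP: #2061147)` reads as contradicting `noble_php8.3: released (8.3.6-0maysync1)` at the end of the hunk. One says noble was never affected, the other says a fix was shipped there. If noble simply carried 8.3.6 from the start, reword the note to say so or use a not-affected status with that version, so the two lines agree. Smaller points: PublicDate carries no time or UTC suffix, and the Patches_php8.2 and Patches_php8.3 blocks list trusty, xenial and bionic while the other php blocks in this file do not.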
4786 | diff --git a/active/CVE-2024-27913 b/active/CVE-2024-27913 |
4787 | deleted file mode 100644 |
4788 | index 1a73b11..0000000 |
4789 | --- a/active/CVE-2024-27913 |
4790 | +++ /dev/null |
4791 | @@ -1,47 +0,0 @@ |
4792 | -PublicDateAtUSN: 2024-02-29 |
4793 | -Candidate: CVE-2024-27913 |
4794 | -PublicDate: 2024-02-28 07:15:00 UTC |
4795 | -References: |
4796 | - https://ubuntu.com/security/notices/USN-6679-1 |
4797 | - https://www.cve.org/CVERecord?id=CVE-2024-27913 |
4798 | -Description: |
4799 | - ospf_te_parse_te in ospfd/ospf_te.c in FRRouting (FRR) through 9.1 allows |
4800 | - remote attackers to cause a denial of service (ospfd daemon crash) via a |
4801 | - malformed OSPF LSA packet, because of an attempted access to a missing |
4802 | - attribute field. |
4803 | -Ubuntu-Description: |
4804 | -Notes: |
4805 | - sbeattie> the quagga project was renamed to frr |
4806 | -Mitigation: |
4807 | -Bugs: |
4808 | -Priority: medium |
4809 | -Discovered-by: |
4810 | -Assigned-to: |
4811 | -CVSS: |
4812 | - |
4813 | -Patches_frr: |
4814 | - upstream: https://github.com/FRRouting/frr/pull/15431 |
4815 | - upstream: https://github.com/FRRouting/frr/commit/9df81b483e6734c8762727d49445e3cf16657e6f (9.0.x) |
4816 | -upstream_frr: needs-triage |
4817 | -trusty_frr: DNE |
4818 | -xenial_frr: DNE |
4819 | -bionic_frr: DNE |
4820 | -focal_frr: not-affected (code not present) |
4821 | -esm-apps/focal_frr: not-affected (code not present) |
4822 | -jammy_frr: released (8.1-1ubuntu1.9) |
4823 | -mantic_frr: released (8.4.4-1.1ubuntu1.3) |
4824 | -noble_frr: released (8.4.4-1.1ubuntu4) |
4825 | -devel_frr: released (8.4.4-1.1ubuntu4) |
4826 | - |
4827 | -Patches_quagga: |
4828 | -upstream_quagga: needs-triage |
4829 | -trusty_quagga: ignored (end of standard support) |
4830 | -xenial_quagga: ignored (end of standard support) |
4831 | -esm-infra/xenial_quagga: not-affected (code not present) |
4832 | -bionic_quagga: ignored (end of standard support) |
4833 | -esm-infra/bionic_quagga: not-affected (code not present) |
4834 | -focal_quagga: not-affected (code not present) |
4835 | -jammy_quagga: DNE |
4836 | -mantic_quagga: DNE |
4837 | -noble_quagga: DNE |
4838 | -devel_quagga: DNE |
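Review bot: `upstream_frr: needs-triage` and `upstream_quagga: needs-triage` are left unresolved even though Patches_frr lists an upstream pull request and commit, and jammy through devel are already `released`. Suggest settling both upstream lines before the record is removed from active/. For quagga, the supported releases are marked `not-affected (code not present)`, so the upstream line can likely take the same reason once confirmed.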
4839 | diff --git a/active/CVE-2024-2883 b/active/CVE-2024-2883 |
4840 | deleted file mode 100644 |
4841 | index e345c68..0000000 |
4842 | --- a/active/CVE-2024-2883 |
4843 | +++ /dev/null |
4844 | @@ -1,31 +0,0 @@ |
4845 | -Candidate: CVE-2024-2883 |
4846 | -PublicDate: 2024-03-26 21:15:00 UTC |
4847 | -References: |
4848 | - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html |
4849 | - https://issues.chromium.org/issues/327807820 |
4850 | - https://www.cve.org/CVERecord?id=CVE-2024-2883 |
4851 | -Description: |
4852 | - Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a |
4853 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
4854 | - page. (Chromium security severity: Critical) |
4855 | -Ubuntu-Description: |
4856 | -Notes: |
4857 | - alexmurray> The Debian chromium source package is called chromium-browser |
4858 | - alexmurray> in Ubuntu |
4859 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4860 | - mdeslaur> a script that installs the Chromium snap |
4861 | -Mitigation: |
4862 | -Bugs: |
4863 | -Priority: medium |
4864 | -Discovered-by: |
4865 | -Assigned-to: |
4866 | -CVSS: |
4867 | - |
4868 | -Patches_chromium-browser: |
4869 | -upstream_chromium-browser: released |
4870 | -focal_chromium-browser: not-affected (code not present) |
4871 | -jammy_chromium-browser: not-affected (code not present) |
4872 | -mantic_chromium-browser: not-affected (code not present) |
4873 | -noble_chromium-browser: not-affected (code not present) |
4874 | -esm-apps/noble_chromium-browser: not-affected (code not present) |
4875 | -devel_chromium-browser: not-affected (code not present) |
4876 | diff --git a/active/CVE-2024-28834 b/active/CVE-2024-28834 |
4877 | deleted file mode 100644 |
4878 | index ea47cdc..0000000 |
4879 | --- a/active/CVE-2024-28834 |
4880 | +++ /dev/null |
4881 | @@ -1,41 +0,0 @@ |
4882 | -PublicDateAtUSN: 2024-03-21 14:15:00 UTC |
4883 | -Candidate: CVE-2024-28834 |
4884 | -PublicDate: 2024-03-21 14:15:00 UTC |
4885 | -References: |
4886 | - https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html |
4887 | - https://www.gnutls.org/security-new.html#GNUTLS-SA-2023-12-04 |
4888 | - https://access.redhat.com/security/cve/CVE-2024-28834 |
4889 | - https://people.redhat.com/~hkario/marvin/ |
4890 | - https://www.cve.org/CVERecord?id=CVE-2024-28834 |
4891 | - https://ubuntu.com/security/notices/USN-6733-1 |
4892 | - https://ubuntu.com/security/notices/USN-6733-2 |
4893 | -Description: |
4894 | - A flaw was found in GnuTLS. The Minerva attack is a cryptographic |
4895 | - vulnerability that exploits deterministic behavior in systems like GnuTLS, |
4896 | - leading to side-channel leaks. In specific scenarios, such as when using |
4897 | - the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable |
4898 | - step in nonce size from 513 to 512 bits, exposing a potential timing |
4899 | - side-channel. |
4900 | -Ubuntu-Description: |
4901 | -Notes: |
4902 | - mdeslaur> per Debian, introduced in 3.6.10 |
4903 | -Mitigation: |
4904 | -Bugs: |
4905 | - https://gitlab.com/gnutls/gnutls/-/issues/1516 |
4906 | - https://bugzilla.redhat.com/show_bug.cgi?id=2269228 |
4907 | -Priority: medium |
4908 | -Discovered-by: |
4909 | -Assigned-to: |
4910 | -CVSS: |
4911 | - |
4912 | -Patches_gnutls28: |
4913 | - upstream: https://gitlab.com/gnutls/gnutls/-/commit/4a4cefef6c194f8fbbffd7fb19651219421b085b (complete merge) |
4914 | - upstream: https://gitlab.com/gnutls/gnutls/-/commit/1c4701ffc342259fc5965d5a0de90d87f780e3e5 |
4915 | -upstream_gnutls28: needs-triage |
4916 | -esm-infra/xenial_gnutls28: not-affected (code not present) |
4917 | -esm-infra/bionic_gnutls28: not-affected (code not present) |
4918 | -focal_gnutls28: released (3.6.13-2ubuntu1.11) |
4919 | -jammy_gnutls28: released (3.7.3-4ubuntu1.5) |
4920 | -mantic_gnutls28: released (3.8.1-4ubuntu1.3) |
4921 | -noble_gnutls28: released (3.8.3-1.1ubuntu3.1) |
4922 | -devel_gnutls28: released (3.8.3-1.1ubuntu3.1) |
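Review bot: the References list includes https://people.redhat.com/~hkario/marvin/, but the Description is about the Minerva attack (a step in nonce size exposing a timing side-channel), so please confirm the Marvin page is the intended reference and not a mix-up with a different issue. The record also pairs this CVE with the anchor GNUTLS-SA-2023-12-04, which is worth a second look for the same reason. `upstream_gnutls28: needs-triage` remains unresolved although two upstream commits are listed under Patches_gnutls28.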
4923 | diff --git a/active/CVE-2024-28835 b/active/CVE-2024-28835 |
4924 | deleted file mode 100644 |
4925 | index 8878c48..0000000 |
4926 | --- a/active/CVE-2024-28835 |
4927 | +++ /dev/null |
4928 | @@ -1,38 +0,0 @@ |
4929 | -PublicDateAtUSN: 2024-03-21 06:15:00 UTC |
4930 | -Candidate: CVE-2024-28835 |
4931 | -PublicDate: 2024-03-21 06:15:00 UTC |
4932 | -References: |
4933 | - https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html |
4934 | - https://www.gnutls.org/security-new.html#GNUTLS-SA-2024-01-23 |
4935 | - https://access.redhat.com/security/cve/CVE-2024-28835 |
4936 | - https://www.cve.org/CVERecord?id=CVE-2024-28835 |
4937 | - https://ubuntu.com/security/notices/USN-6733-1 |
4938 | - https://ubuntu.com/security/notices/USN-6733-2 |
4939 | -Description: |
4940 | - A flaw has been discovered in GnuTLS where an application crash can be |
4941 | - induced when attempting to verify a specially crafted .pem bundle using the |
4942 | - "certtool --verify-chain" command. |
4943 | -Ubuntu-Description: |
4944 | -Notes: |
4945 | - mdeslaur> per Debian, introduced in 3.7.0 |
4946 | -Mitigation: |
4947 | -Bugs: |
4948 | - https://bugzilla.redhat.com/show_bug.cgi?id=2269084 |
4949 | - https://gitlab.com/gnutls/gnutls/-/issues/1525 |
4950 | - https://gitlab.com/gnutls/gnutls/-/issues/1527 |
4951 | -Priority: medium |
4952 | -Discovered-by: |
4953 | -Assigned-to: |
4954 | -CVSS: |
4955 | - |
4956 | -Patches_gnutls28: |
4957 | - upstream: https://gitlab.com/gnutls/gnutls/-/commit/4a4cefef6c194f8fbbffd7fb19651219421b085b (complete merge) |
4958 | - upstream: https://gitlab.com/gnutls/gnutls/-/commit/e369e67a62f44561d417cb233acc566cc696d82d |
4959 | -upstream_gnutls28: needs-triage |
4960 | -esm-infra/xenial_gnutls28: not-affected (code not present) |
4961 | -esm-infra/bionic_gnutls28: not-affected (code not present) |
4962 | -focal_gnutls28: not-affected (3.6.13-2ubuntu1.10) |
4963 | -jammy_gnutls28: released (3.7.3-4ubuntu1.5) |
4964 | -mantic_gnutls28: released (3.8.1-4ubuntu1.3) |
4965 | -noble_gnutls28: released (3.8.3-1.1ubuntu3.1) |
4966 | -devel_gnutls28: released (3.8.3-1.1ubuntu3.1) |
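Review bot: `focal_gnutls28: not-affected (3.6.13-2ubuntu1.10)` gives a package version as the reason, while the xenial and bionic ESM lines use `(code not present)` and the mdeslaur note says the issue was introduced in 3.7.0. A reader cannot tell from the focal line whether that version carries a fix or predates the bug. Suggest using the same reason as the other unaffected releases, or adding a note that focal's 3.6.13 is older than the affected code.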
4967 | diff --git a/active/CVE-2024-2885 b/active/CVE-2024-2885 |
4968 | deleted file mode 100644 |
4969 | index 65e11c9..0000000 |
4970 | --- a/active/CVE-2024-2885 |
4971 | +++ /dev/null |
4972 | @@ -1,31 +0,0 @@ |
4973 | -Candidate: CVE-2024-2885 |
4974 | -PublicDate: 2024-03-26 21:15:00 UTC |
4975 | -References: |
4976 | - https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html |
4977 | - https://issues.chromium.org/issues/328958020 |
4978 | - https://www.cve.org/CVERecord?id=CVE-2024-2885 |
4979 | -Description: |
4980 | - Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a |
4981 | - remote attacker to potentially exploit heap corruption via a crafted HTML |
4982 | - page. (Chromium security severity: High) |
4983 | -Ubuntu-Description: |
4984 | -Notes: |
4985 | - alexmurray> The Debian chromium source package is called chromium-browser |
4986 | - alexmurray> in Ubuntu |
4987 | - mdeslaur> starting with Ubuntu 19.10, the chromium-browser package is just |
4988 | - mdeslaur> a script that installs the Chromium snap |
4989 | -Mitigation: |
4990 | -Bugs: |
4991 | -Priority: medium |
4992 | -Discovered-by: |
4993 | -Assigned-to: |
4994 | -CVSS: |
4995 | - |
4996 | -Patches_chromium-browser: |
4997 | -upstream_chromium-browser: released |
4998 | -focal_chromium-browser: not-affected (code not present) |
4999 | -jammy_chromium-browser: not-affected (code not present) |
5000 | -mantic_chromium-browser: not-affected (code not present) |
The diff has been truncated for viewing.
Thanks for this, merged. In the future it would be good to break these sorts of things into two distinct commits.