🏡 index : github.com/captn3m0/photon-os-advisories.git

author github-actions[bot] <github-actions[bot]@users.noreply.github.com> 2025-01-01 5:38:21.0 +00:00:00
committer github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> 2025-01-01 5:38:21.0 +00:00:00
commit
7e52f526d30f2bb6eeeefdb4d455f1df3955f9f1 [patch]
tree
37b3cb271cdb4dba2921a89044d0177f42d3cb89
parent
677fc543111951c6bb43fcc13106122f9a7c8afb
download
7e52f526d30f2bb6eeeefdb4d455f1df3955f9f1.tar.gz

Update Advisories



Diff

 advisories/PHSA-2024-4.0-0704.json |  23 ++++++++++++++++++++++-
 advisories/PHSA-2024-4.0-0722.json |  37 +++++++++++++++++++++++++++++++++++++
 advisories/PHSA-2024-4.0-0726.json |  53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 advisories/PHSA-2024-5.0-0386.json |   5 +++--
 advisories/PHSA-2024-5.0-0407.json |   6 ++++--
 advisories/PHSA-2024-5.0-0429.json |  34 ++++++++++++++++++++++++++++++++++
 advisories/PHSA-2024-5.0-0432.json |  34 ++++++++++++++++++++++++++++++++++
 advisories/PHSA-2024-5.0-0434.json | 148 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 8 files changed, 334 insertions(+), 6 deletions(-)

diff --git a/advisories/PHSA-2024-4.0-0704.json b/advisories/PHSA-2024-4.0-0704.json
index 1194528..cdd61b5 100644
--- a/advisories/PHSA-2024-4.0-0704.json
+++ a/advisories/PHSA-2024-4.0-0704.json
@@ -17,10 +17,28 @@
                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:4.0",
                "name": "python3",
                "purl": "pkg:rpm/vmware/python3?distro=photon-4"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "3.10.11-11.ph4"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        }

    ],

    "id": "PHSA-2024-4.0-0704",
    "modified": "2024-10-23T05:23:38Z",
    "modified": "2025-01-01T05:25:32Z",
    "published": "2024-10-22T00:00:00Z",
    "references": [
        {
@@ -30,6 +48,7 @@
    ],

    "related": [
        "CVE-2024-34158",
        "CVE-2024-34156"
        "CVE-2024-34156",
        "CVE-2024-6232"
    ]

}
diff --git a/advisories/PHSA-2024-4.0-0722.json b/advisories/PHSA-2024-4.0-0722.json
new file mode 100644
index 0000000..ce613f4 100644
--- /dev/null
+++ a/advisories/PHSA-2024-4.0-0722.json
@@ -1,0 +1,37 @@
{
    "affected": [
        {
            "package": {
                "ecosystem": "Photon OS:4.0",
                "name": "linux",
                "purl": "pkg:rpm/vmware/linux?distro=photon-4"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "5.10.230-1.ph4"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        }

    ],

    "id": "PHSA-2024-4.0-0722",
    "modified": "2025-01-01T05:25:32+00:00Z",
    "published": "2024-12-10T00:00:00Z",
    "references": [
        {
            "type": "ADVISORY",
            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-722"
        }

    ],

    "related": [
        "CVE-2024-50036",
        "CVE-2024-50301",
        "CVE-2024-50264",
        "CVE-2024-50282"
    ]

}
diff --git a/advisories/PHSA-2024-4.0-0726.json b/advisories/PHSA-2024-4.0-0726.json
new file mode 100644
index 0000000..cafeb16 100644
--- /dev/null
+++ a/advisories/PHSA-2024-4.0-0726.json
@@ -1,0 +1,53 @@
{
    "affected": [
        {
            "package": {
                "ecosystem": "Photon OS:4.0",
                "name": "cups",
                "purl": "pkg:rpm/vmware/cups?distro=photon-4"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "2.4.11-1.ph4"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:4.0",
                "name": "squid",
                "purl": "pkg:rpm/vmware/squid?distro=photon-4"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "6.6-5.ph4"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        }

    ],

    "id": "PHSA-2024-4.0-0726",
    "modified": "2025-01-01T05:25:32+00:00Z",
    "published": "2024-12-17T00:00:00Z",
    "references": [
        {
            "type": "ADVISORY",
            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-726"
        }

    ],

    "related": [
        "CVE-2024-47175",
        "CVE-2024-45802"
    ]

}
diff --git a/advisories/PHSA-2024-5.0-0386.json b/advisories/PHSA-2024-5.0-0386.json
index 7daa96c..09857a4 100644
--- a/advisories/PHSA-2024-5.0-0386.json
+++ a/advisories/PHSA-2024-5.0-0386.json
@@ -38,7 +38,7 @@
        }

    ],

    "id": "PHSA-2024-5.0-0386",
    "modified": "2024-10-23T05:23:38Z",
    "modified": "2025-01-01T05:25:32Z",
    "published": "2024-10-22T00:00:00Z",
    "references": [
        {
@@ -49,6 +49,7 @@
    "related": [
        "CVE-2024-34158",
        "CVE-2023-27043",
        "CVE-2024-34156"
        "CVE-2024-34156",
        "CVE-2024-6232"
    ]

}
diff --git a/advisories/PHSA-2024-5.0-0407.json b/advisories/PHSA-2024-5.0-0407.json
index 640d990..f05428c 100644
--- a/advisories/PHSA-2024-5.0-0407.json
+++ a/advisories/PHSA-2024-5.0-0407.json
@@ -20,7 +20,7 @@
        }

    ],

    "id": "PHSA-2024-5.0-0407",
    "modified": "2024-11-27T05:25:38Z",
    "modified": "2025-01-01T05:25:32Z",
    "published": "2024-11-21T00:00:00Z",
    "references": [
        {
@@ -30,6 +30,8 @@
    ],

    "related": [
        "CVE-2024-50036",
        "CVE-2024-49991"
        "CVE-2024-49991",
        "CVE-2024-50010",
        "CVE-2024-50012"
    ]

}
diff --git a/advisories/PHSA-2024-5.0-0429.json b/advisories/PHSA-2024-5.0-0429.json
new file mode 100644
index 0000000..e6ea41f 100644
--- /dev/null
+++ a/advisories/PHSA-2024-5.0-0429.json
@@ -1,0 +1,34 @@
{
    "affected": [
        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "squid",
                "purl": "pkg:rpm/vmware/squid?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "6.12-1.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        }

    ],

    "id": "PHSA-2024-5.0-0429",
    "modified": "2025-01-01T05:25:32+00:00Z",
    "published": "2024-12-17T00:00:00Z",
    "references": [
        {
            "type": "ADVISORY",
            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-429"
        }

    ],

    "related": [
        "CVE-2024-45802"
    ]

}
diff --git a/advisories/PHSA-2024-5.0-0432.json b/advisories/PHSA-2024-5.0-0432.json
new file mode 100644
index 0000000..7d6a46b 100644
--- /dev/null
+++ a/advisories/PHSA-2024-5.0-0432.json
@@ -1,0 +1,34 @@
{
    "affected": [
        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "rubygem-nokogiri",
                "purl": "pkg:rpm/vmware/rubygem-nokogiri?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "1.13.9-7.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        }

    ],

    "id": "PHSA-2024-5.0-0432",
    "modified": "2025-01-01T05:25:32+00:00Z",
    "published": "2024-12-23T00:00:00Z",
    "references": [
        {
            "type": "ADVISORY",
            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-432"
        }

    ],

    "related": [
        "CVE-2022-23476"
    ]

}
diff --git a/advisories/PHSA-2024-5.0-0434.json b/advisories/PHSA-2024-5.0-0434.json
new file mode 100644
index 0000000..28c0ee0 100644
--- /dev/null
+++ a/advisories/PHSA-2024-5.0-0434.json
@@ -1,0 +1,148 @@
{
    "affected": [
        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-virtualenv",
                "purl": "pkg:rpm/vmware/python-virtualenv?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "20.16.3-5.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-webob",
                "purl": "pkg:rpm/vmware/python-webob?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "1.8.7-3.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-requests",
                "purl": "pkg:rpm/vmware/python-requests?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "2.28.1-6.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-werkzeug",
                "purl": "pkg:rpm/vmware/python-werkzeug?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "2.2.2-3.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-gevent",
                "purl": "pkg:rpm/vmware/python-gevent?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "23.9.1-1.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-jinja2",
                "purl": "pkg:rpm/vmware/python-jinja2?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "3.1.2-5.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        },

        {
            "package": {
                "ecosystem": "Photon OS:5.0",
                "name": "python-tornado",
                "purl": "pkg:rpm/vmware/python-tornado?distro=photon-5"
            },

            "ranges": {
                "events": [
                    {
                        "introduced": "0"
                    },

                    {
                        "fixed": "6.2-4.ph5"
                    }

                ],

                "type": "ECOSYSTEM"
            }

        }

    ],

    "id": "PHSA-2024-5.0-0434",
    "modified": "2025-01-01T05:25:32+00:00Z",
    "published": "2024-12-31T00:00:00Z",
    "references": [
        {
            "type": "ADVISORY",
            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-434"
        }

    ],

    "related": [
        "CVE-2024-34069",
        "CVE-2023-41419",
        "CVE-2024-34064",
        "CVE-2024-53899",
        "CVE-2024-42353",
        "CVE-2024-52804",
        "CVE-2024-35195"
    ]

}