Update Advisories

2024-09-16 10:16:10 +00:00 · 2024-08-22 05:37:40 +00:00 · 2024-08-22 05:37:40 +00:00 · 85b739f23f
commit 85b739f23f
parent 2320d180bc
9 changed files with 272 additions and 5 deletions
--- a/advisories/PHSA-2024-3.0-0772.json
+++ b/advisories/PHSA-2024-3.0-0772.json
@ -45,7 +45,7 @@
        }
    ],
    "id": "PHSA-2024-3.0-0772",
-    "modified": "2024-08-08T05:24:47Z",
+    "modified": "2024-08-22T05:25:28Z",
    "published": "2024-07-17T00:00:00Z",
    "references": [
        {
@ -55,6 +55,7 @@
    ],
    "related": [
        "CVE-2024-34402",
-        "CVE-2024-40902"
+        "CVE-2024-40902",
+        "CVE-2024-41087"
    ]
 }
--- a/advisories/PHSA-2024-3.0-0783.json
+++ b/advisories/PHSA-2024-3.0-0783.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "go",
+                "purl": "pkg:rpm/vmware/go?distro=photon-3"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.20.14-2.ph3"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-3.0-0783",
+    "modified": "2024-08-22T05:25:28Z",
+    "published": "2024-08-21T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-783"
+        }
+    ],
+    "related": [
+        "CVE-2024-24784"
+    ]
+}
--- a/advisories/PHSA-2024-4.0-0670.json
+++ b/advisories/PHSA-2024-4.0-0670.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "nginx",
+                "purl": "pkg:rpm/vmware/nginx?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.26.2-1.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0670",
+    "modified": "2024-08-22T05:25:28Z",
+    "published": "2024-08-21T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-670"
+        }
+    ],
+    "related": [
+        "CVE-2024-7347"
+    ]
+}
--- a/advisories/PHSA-2024-4.0-0671.json
+++ b/advisories/PHSA-2024-4.0-0671.json
@ -0,0 +1,56 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "unbound",
+                "purl": "pkg:rpm/vmware/unbound?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.16.3-3.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "vim",
+                "purl": "pkg:rpm/vmware/vim?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "9.1.0682-1.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0671",
+    "modified": "2024-08-22T05:25:28Z",
+    "published": "2024-08-21T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-671"
+        }
+    ],
+    "related": [
+        "CVE-2024-43167",
+        "CVE-2024-41965",
+        "CVE-2024-41957",
+        "CVE-2024-43168",
+        "CVE-2024-43374"
+    ]
+}
--- a/advisories/PHSA-2024-5.0-0345.json
+++ b/advisories/PHSA-2024-5.0-0345.json
@ -52,7 +52,7 @@
        }
    ],
    "id": "PHSA-2024-5.0-0345",
-    "modified": "2024-08-20T05:25:16Z",
+    "modified": "2024-08-22T05:25:28Z",
    "published": "2024-08-09T00:00:00Z",
    "references": [
        {
@ -67,6 +67,24 @@
        "CVE-2024-42246",
        "CVE-2024-42247",
        "CVE-2024-42225",
-        "CVE-2024-42161"
+        "CVE-2024-42161",
+        "CVE-2024-41027",
+        "CVE-2024-42153",
+        "CVE-2024-41049",
+        "CVE-2024-41048",
+        "CVE-2024-41055",
+        "CVE-2024-41076",
+        "CVE-2024-41060",
+        "CVE-2024-41069",
+        "CVE-2024-41058",
+        "CVE-2024-41063",
+        "CVE-2024-41062",
+        "CVE-2024-41078",
+        "CVE-2024-41038",
+        "CVE-2024-41073",
+        "CVE-2024-41050",
+        "CVE-2024-41072",
+        "CVE-2024-41079",
+        "CVE-2024-42157"
    ]
 }
--- a/advisories/PHSA-2024-5.0-0350.json
+++ b/advisories/PHSA-2024-5.0-0350.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "nginx",
+                "purl": "pkg:rpm/vmware/nginx?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.26.2-1.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-5.0-0350",
+    "modified": "2024-08-22T05:25:28Z",
+    "published": "2024-08-19T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-350"
+        }
+    ],
+    "related": [
+        "CVE-2024-7347"
+    ]
+}
--- a/advisories/PHSA-2024-5.0-0351.json
+++ b/advisories/PHSA-2024-5.0-0351.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "grpc",
+                "purl": "pkg:rpm/vmware/grpc?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.59.5-1.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-5.0-0351",
+    "modified": "2024-08-22T05:25:28Z",
+    "published": "2024-08-21T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-351"
+        }
+    ],
+    "related": [
+        "CVE-2024-7246"
+    ]
+}
--- a/advisories/PHSA-2024-5.0-0352.json
+++ b/advisories/PHSA-2024-5.0-0352.json
@ -0,0 +1,56 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "unbound",
+                "purl": "pkg:rpm/vmware/unbound?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.17.0-5.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "vim",
+                "purl": "pkg:rpm/vmware/vim?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "9.1.0682-1.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-5.0-0352",
+    "modified": "2024-08-22T05:25:28Z",
+    "published": "2024-08-21T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-352"
+        }
+    ],
+    "related": [
+        "CVE-2024-43167",
+        "CVE-2024-41965",
+        "CVE-2024-41957",
+        "CVE-2024-43168",
+        "CVE-2024-43374"
+    ]
+}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 747048bd74cbe671ae638082ce5d218b1475567e
+Subproject commit eefad6fa3495b9941d99e731cc3b69c8fcce3d49