Update Advisories

2024-09-16 10:16:10 +00:00 · 2024-08-08 05:37:46 +00:00 · 2024-08-08 05:37:46 +00:00 · b30d4219b5
commit b30d4219b5
parent 37cf1fb815
10 changed files with 249 additions and 11 deletions
--- a/advisories/PHSA-2024-3.0-0719.json
+++ b/advisories/PHSA-2024-3.0-0719.json
@ -152,7 +152,7 @@
        }
    ],
    "id": "PHSA-2024-3.0-0719",
-    "modified": "2024-02-01T13:37:12Z",
+    "modified": "2024-08-08T05:24:47Z",
    "published": "2024-01-31T00:00:00Z",
    "references": [
        {
@ -164,6 +164,7 @@
        "CVE-2023-52356",
        "CVE-2023-6606",
        "CVE-2023-6040",
-        "CVE-2023-52355"
+        "CVE-2023-52355",
+        "CVE-2023-52340"
    ]
 }
--- a/advisories/PHSA-2024-3.0-0769.json
+++ b/advisories/PHSA-2024-3.0-0769.json
@ -74,7 +74,7 @@
        }
    ],
    "id": "PHSA-2024-3.0-0769",
-    "modified": "2024-06-29T05:24:23Z",
+    "modified": "2024-08-08T05:24:47Z",
    "published": "2024-06-28T00:00:00Z",
    "references": [
        {
@ -83,6 +83,7 @@
        }
    ],
    "related": [
-        "CVE-2024-36971"
+        "CVE-2024-36971",
+        "CVE-2024-39480"
    ]
 }
--- a/advisories/PHSA-2024-3.0-0772.json
+++ b/advisories/PHSA-2024-3.0-0772.json
@ -24,10 +24,28 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "linux",
+                "purl": "pkg:rpm/vmware/linux?distro=photon-3"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "4.19.317-1.ph3"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
        }
    ],
    "id": "PHSA-2024-3.0-0772",
-    "modified": "2024-07-25T05:24:48Z",
+    "modified": "2024-08-08T05:24:47Z",
    "published": "2024-07-17T00:00:00Z",
    "references": [
        {
@ -36,6 +54,7 @@
        }
    ],
    "related": [
-        "CVE-2024-34402"
+        "CVE-2024-34402",
+        "CVE-2024-40902"
    ]
 }
--- a/advisories/PHSA-2024-3.0-0776.json
+++ b/advisories/PHSA-2024-3.0-0776.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "tpm2-tools",
+                "purl": "pkg:rpm/vmware/tpm2-tools?distro=photon-3"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "4.1.3-4.ph3"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-3.0-0776",
+    "modified": "2024-08-08T05:24:47Z",
+    "published": "2024-08-02T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-776"
+        }
+    ],
+    "related": [
+        "CVE-2024-29039"
+    ]
+}
--- a/advisories/PHSA-2024-4.0-0662.json
+++ b/advisories/PHSA-2024-4.0-0662.json
@ -17,10 +17,64 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "linux-secure",
+                "purl": "pkg:rpm/vmware/linux-secure?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "5.10.222-2.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "linux",
+                "purl": "pkg:rpm/vmware/linux?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "5.10.222-2.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "linux-aws",
+                "purl": "pkg:rpm/vmware/linux-aws?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "5.10.222-2.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
        }
    ],
    "id": "PHSA-2024-4.0-0662",
-    "modified": "2024-08-03T05:24:41Z",
+    "modified": "2024-08-08T05:24:47Z",
    "published": "2024-08-02T00:00:00Z",
    "references": [
        {
@ -29,6 +83,7 @@
        }
    ],
    "related": [
-        "CVE-2024-4032"
+        "CVE-2024-4032",
+        "CVE-2024-27397"
    ]
 }
--- a/advisories/PHSA-2024-4.0-0664.json
+++ b/advisories/PHSA-2024-4.0-0664.json
@ -0,0 +1,35 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "tpm2-tools",
+                "purl": "pkg:rpm/vmware/tpm2-tools?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "4.3.2-2.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0664",
+    "modified": "2024-08-08T05:24:47Z",
+    "published": "2024-08-05T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-664"
+        }
+    ],
+    "related": [
+        "CVE-2024-29039",
+        "CVE-2024-29038"
+    ]
+}
--- a/advisories/PHSA-2024-4.0-0665.json
+++ b/advisories/PHSA-2024-4.0-0665.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "nss",
+                "purl": "pkg:rpm/vmware/nss?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "3.72-6.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0665",
+    "modified": "2024-08-08T05:24:47Z",
+    "published": "2024-08-07T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-665"
+        }
+    ],
+    "related": [
+        "CVE-2024-0743"
+    ]
+}
--- a/advisories/PHSA-2024-5.0-0332.json
+++ b/advisories/PHSA-2024-5.0-0332.json
@ -17,10 +17,28 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "shim-signed",
+                "purl": "pkg:rpm/vmware/shim-signed?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "15.8-2.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
        }
    ],
    "id": "PHSA-2024-5.0-0332",
-    "modified": "2024-07-27T05:24:56Z",
+    "modified": "2024-08-08T05:24:47Z",
    "published": "2024-07-25T00:00:00Z",
    "references": [
        {
@ -29,6 +47,13 @@
        }
    ],
    "related": [
-        "CVE-2024-6345"
+        "CVE-2024-6345",
+        "CVE-2023-40550",
+        "CVE-2022-28737",
+        "CVE-2023-40549",
+        "CVE-2023-40548",
+        "CVE-2023-40546",
+        "CVE-2023-40551",
+        "CVE-2023-40547"
    ]
 }
--- a/advisories/PHSA-2024-5.0-0342.json
+++ b/advisories/PHSA-2024-5.0-0342.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "nss",
+                "purl": "pkg:rpm/vmware/nss?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "3.78-9.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-5.0-0342",
+    "modified": "2024-08-08T05:24:47Z",
+    "published": "2024-08-07T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-342"
+        }
+    ],
+    "related": [
+        "CVE-2024-0743"
+    ]
+}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit b8a221b2028575b2f2b8a74967b8c254d0cce41d
+Subproject commit 58a9d9dcb383b57513d70d33152357477ad216e1