Update Advisories

2024-09-07 16:46:34 +00:00 · 2024-06-25 05:37:31 +00:00 · 2024-06-25 05:37:31 +00:00 · f38f0f2f86
commit f38f0f2f86
parent 7fd9fd3b40
7 changed files with 257 additions and 3 deletions
--- a/advisories/PHSA-2024-4.0-0629.json
+++ b/advisories/PHSA-2024-4.0-0629.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "cups",
+                "purl": "pkg:rpm/vmware/cups?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "2.4.7-3.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0629",
+    "modified": "2024-06-25T05:24:10Z",
+    "published": "2024-06-11T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-629"
+        }
+    ],
+    "related": [
+        "CVE-2024-35235"
+    ]
+}
--- a/advisories/PHSA-2024-4.0-0637.json
+++ b/advisories/PHSA-2024-4.0-0637.json
@ -0,0 +1,54 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "go",
+                "purl": "pkg:rpm/vmware/go?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.21.11-1.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "openssl",
+                "purl": "pkg:rpm/vmware/openssl?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "3.0.14-1.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0637",
+    "modified": "2024-06-25T05:24:10Z",
+    "published": "2024-06-24T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-637"
+        }
+    ],
+    "related": [
+        "CVE-2024-24789",
+        "CVE-2024-24790",
+        "CVE-2024-4741"
+    ]
+}
--- a/advisories/PHSA-2024-4.0-0638.json
+++ b/advisories/PHSA-2024-4.0-0638.json
@ -0,0 +1,56 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "nginx",
+                "purl": "pkg:rpm/vmware/nginx?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.26.1-1.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "libssh2",
+                "purl": "pkg:rpm/vmware/libssh2?distro=photon-4"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.11.0-2.ph4"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-4.0-0638",
+    "modified": "2024-06-25T05:24:10Z",
+    "published": "2024-06-24T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-638"
+        }
+    ],
+    "related": [
+        "CVE-2024-35200",
+        "CVE-2024-31079",
+        "CVE-2024-32760",
+        "CVE-2024-34161",
+        "CVE-2023-48795"
+    ]
+}
--- a/advisories/PHSA-2024-5.0-0289.json
+++ b/advisories/PHSA-2024-5.0-0289.json
@ -0,0 +1,34 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "cups",
+                "purl": "pkg:rpm/vmware/cups?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "2.4.7-3.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-5.0-0289",
+    "modified": "2024-06-25T05:24:10Z",
+    "published": "2024-06-11T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-289"
+        }
+    ],
+    "related": [
+        "CVE-2024-35235"
+    ]
+}
--- a/advisories/PHSA-2024-5.0-0301.json
+++ b/advisories/PHSA-2024-5.0-0301.json
@ -17,10 +17,28 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "libarchive",
+                "purl": "pkg:rpm/vmware/libarchive?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "3.7.1-2.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
        }
    ],
    "id": "PHSA-2024-5.0-0301",
-    "modified": "2024-06-22T05:24:26Z",
+    "modified": "2024-06-25T05:24:10Z",
    "published": "2024-06-21T00:00:00Z",
    "references": [
        {
@ -29,6 +47,7 @@
        }
    ],
    "related": [
-        "CVE-2024-4741"
+        "CVE-2024-4741",
+        "CVE-2024-26256"
    ]
 }
--- a/advisories/PHSA-2024-5.0-0302.json
+++ b/advisories/PHSA-2024-5.0-0302.json
@ -0,0 +1,57 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "nginx",
+                "purl": "pkg:rpm/vmware/nginx?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.27.0-1.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:5.0",
+                "name": "go",
+                "purl": "pkg:rpm/vmware/go?distro=photon-5"
+            },
+            "ranges": {
+                "events": [
+                    {
+                        "introduced": "0"
+                    },
+                    {
+                        "fixed": "1.21.11-1.ph5"
+                    }
+                ],
+                "type": "ECOSYSTEM"
+            }
+        }
+    ],
+    "id": "PHSA-2024-5.0-0302",
+    "modified": "2024-06-25T05:24:10Z",
+    "published": "2024-06-24T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-302"
+        }
+    ],
+    "related": [
+        "CVE-2024-35200",
+        "CVE-2024-31079",
+        "CVE-2024-32760",
+        "CVE-2024-34161",
+        "CVE-2024-24789",
+        "CVE-2024-24790"
+    ]
+}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 21cc42b9aa44978f77e1d781fdaa74cc21a6d0ae
+Subproject commit 91b181a957279a2bb93568972b1cb6f4a4fd19d3