From f38f0f2f861275bc038cabd96cd477e68376a77c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 25 Jun 2024 05:37:31 +0000 Subject: [PATCH] Update Advisories --- advisories/PHSA-2024-4.0-0629.json | 34 ++++++++++++++++++ advisories/PHSA-2024-4.0-0637.json | 54 ++++++++++++++++++++++++++++ advisories/PHSA-2024-4.0-0638.json | 56 +++++++++++++++++++++++++++++ advisories/PHSA-2024-5.0-0289.json | 34 ++++++++++++++++++ advisories/PHSA-2024-5.0-0301.json | 23 ++++++++++-- advisories/PHSA-2024-5.0-0302.json | 57 ++++++++++++++++++++++++++++++ photon-wiki | 2 +- 7 files changed, 257 insertions(+), 3 deletions(-) create mode 100644 advisories/PHSA-2024-4.0-0629.json create mode 100644 advisories/PHSA-2024-4.0-0637.json create mode 100644 advisories/PHSA-2024-4.0-0638.json create mode 100644 advisories/PHSA-2024-5.0-0289.json create mode 100644 advisories/PHSA-2024-5.0-0302.json diff --git a/advisories/PHSA-2024-4.0-0629.json b/advisories/PHSA-2024-4.0-0629.json new file mode 100644 index 0000000..866e549 --- /dev/null +++ b/advisories/PHSA-2024-4.0-0629.json @@ -0,0 +1,34 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "cups", + "purl": "pkg:rpm/vmware/cups?distro=photon-4" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2.4.7-3.ph4" + } + ], + "type": "ECOSYSTEM" + } + } + ], + "id": "PHSA-2024-4.0-0629", + "modified": "2024-06-25T05:24:10Z", + "published": "2024-06-11T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-629" + } + ], + "related": [ + "CVE-2024-35235" + ] +} \ No newline at end of file diff --git a/advisories/PHSA-2024-4.0-0637.json b/advisories/PHSA-2024-4.0-0637.json new file mode 100644 index 0000000..b9cc188 --- /dev/null +++ b/advisories/PHSA-2024-4.0-0637.json @@ -0,0 +1,54 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "go", + "purl": "pkg:rpm/vmware/go?distro=photon-4" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.21.11-1.ph4" + } + ], + "type": "ECOSYSTEM" + } + }, + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "openssl", + "purl": "pkg:rpm/vmware/openssl?distro=photon-4" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "3.0.14-1.ph4" + } + ], + "type": "ECOSYSTEM" + } + } + ], + "id": "PHSA-2024-4.0-0637", + "modified": "2024-06-25T05:24:10Z", + "published": "2024-06-24T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-637" + } + ], + "related": [ + "CVE-2024-24789", + "CVE-2024-24790", + "CVE-2024-4741" + ] +} \ No newline at end of file diff --git a/advisories/PHSA-2024-4.0-0638.json b/advisories/PHSA-2024-4.0-0638.json new file mode 100644 index 0000000..9a1a1f5 --- /dev/null +++ b/advisories/PHSA-2024-4.0-0638.json @@ -0,0 +1,56 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "nginx", + "purl": "pkg:rpm/vmware/nginx?distro=photon-4" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.26.1-1.ph4" + } + ], + "type": "ECOSYSTEM" + } + }, + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "libssh2", + "purl": "pkg:rpm/vmware/libssh2?distro=photon-4" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.11.0-2.ph4" + } + ], + "type": "ECOSYSTEM" + } + } + ], + "id": "PHSA-2024-4.0-0638", + "modified": "2024-06-25T05:24:10Z", + "published": "2024-06-24T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-638" + } + ], + "related": [ + "CVE-2024-35200", + "CVE-2024-31079", + "CVE-2024-32760", + "CVE-2024-34161", + "CVE-2023-48795" + ] +} \ No newline at end of file diff --git a/advisories/PHSA-2024-5.0-0289.json b/advisories/PHSA-2024-5.0-0289.json new file mode 100644 index 0000000..ad693d8 --- /dev/null +++ b/advisories/PHSA-2024-5.0-0289.json @@ -0,0 +1,34 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:5.0", + "name": "cups", + "purl": "pkg:rpm/vmware/cups?distro=photon-5" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2.4.7-3.ph5" + } + ], + "type": "ECOSYSTEM" + } + } + ], + "id": "PHSA-2024-5.0-0289", + "modified": "2024-06-25T05:24:10Z", + "published": "2024-06-11T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-289" + } + ], + "related": [ + "CVE-2024-35235" + ] +} \ No newline at end of file diff --git a/advisories/PHSA-2024-5.0-0301.json b/advisories/PHSA-2024-5.0-0301.json index f74d9fa..d106ac7 100644 --- a/advisories/PHSA-2024-5.0-0301.json +++ b/advisories/PHSA-2024-5.0-0301.json @@ -17,10 +17,28 @@ ], "type": "ECOSYSTEM" } + }, + { + "package": { + "ecosystem": "Photon OS:5.0", + "name": "libarchive", + "purl": "pkg:rpm/vmware/libarchive?distro=photon-5" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "3.7.1-2.ph5" + } + ], + "type": "ECOSYSTEM" + } } ], "id": "PHSA-2024-5.0-0301", - "modified": "2024-06-22T05:24:26Z", + "modified": "2024-06-25T05:24:10Z", "published": "2024-06-21T00:00:00Z", "references": [ { @@ -29,6 +47,7 @@ } ], "related": [ - "CVE-2024-4741" + "CVE-2024-4741", + "CVE-2024-26256" ] } \ No newline at end of file diff --git a/advisories/PHSA-2024-5.0-0302.json b/advisories/PHSA-2024-5.0-0302.json new file mode 100644 index 0000000..59f46e7 --- /dev/null +++ b/advisories/PHSA-2024-5.0-0302.json @@ -0,0 +1,57 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:5.0", + "name": "nginx", + "purl": "pkg:rpm/vmware/nginx?distro=photon-5" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.27.0-1.ph5" + } + ], + "type": "ECOSYSTEM" + } + }, + { + "package": { + "ecosystem": "Photon OS:5.0", + "name": "go", + "purl": "pkg:rpm/vmware/go?distro=photon-5" + }, + "ranges": { + "events": [ + { + "introduced": "0" + }, + { + "fixed": "1.21.11-1.ph5" + } + ], + "type": "ECOSYSTEM" + } + } + ], + "id": "PHSA-2024-5.0-0302", + "modified": "2024-06-25T05:24:10Z", + "published": "2024-06-24T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-5.0-302" + } + ], + "related": [ + "CVE-2024-35200", + "CVE-2024-31079", + "CVE-2024-32760", + "CVE-2024-34161", + "CVE-2024-24789", + "CVE-2024-24790" + ] +} \ No newline at end of file diff --git a/photon-wiki b/photon-wiki index 21cc42b..91b181a 160000 --- a/photon-wiki +++ b/photon-wiki @@ -1 +1 @@ -Subproject commit 21cc42b9aa44978f77e1d781fdaa74cc21a6d0ae +Subproject commit 91b181a957279a2bb93568972b1cb6f4a4fd19d3