git: 2f82539eed51 - main - security/vuxml: Record security/suricata multiple vulnerabilities

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Fernando Apesteguía <fernape_at_FreeBSD.org>
Date: Fri, 23 Feb 2024 19:06:55 UTC

The branch main has been updated by fernape:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2f82539eed518114cb2ad60f04809c7127a433fd

commit 2f82539eed518114cb2ad60f04809c7127a433fd
Author:     Fernando Apesteguía <fernape@FreeBSD.org>
AuthorDate: 2024-02-23 19:03:59 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2024-02-23 19:06:32 +0000

    security/vuxml: Record security/suricata multiple vulnerabilities
    
    No details for this CVEs yet.
    
    CVE-2024-23839 – Critical severity
    CVE-2024-23836 – Critical severity
    CVE-2024-23835 – High severity
    CVE-2024-24568 – Moderate severity
    CVE-2024-23837 – Critical severity
    
    PR:     277025
    Reported by:    franco@opnsense.org
    MFH:            2024Q1 (security fixes)
---
 security/vuxml/vuln/2024.xml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml
index 7df1fb5d4f09..b66c5c5bc5cd 100644
--- a/security/vuxml/vuln/2024.xml
+++ b/security/vuxml/vuln/2024.xml
@@ -1,3 +1,33 @@
+  <vuln vid="979dc373-d27d-11ee-8b84-b42e991fc52e">
+    <topic>suricata -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>suricata</name>
+	<range><lt>7.0.3</lt></range>
+      </package>
+    </affects>
+    <description>
+	<body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Suricata team reports:</p>
+	<blockquote cite="https://suricata.io/2024/02/08/suricata-7-0-3-and-6-0-16-released/">
+	  <p>Multiple vulnerabilities fixed in the last release of suricata.</p>
+	</blockquote>
+	<p>No details have been disclosed yet</p>
+	</body>
+    </description>
+    <references>
+      <cvename>CVE-2024-23839</cvename>
+      <cvename>CVE-2024-23836</cvename>
+      <cvename>CVE-2024-23835</cvename>
+      <cvename>CVE-2024-24568</cvename>
+      <cvename>CVE-2024-23837</cvename>
+    </references>
+    <dates>
+      <discovery>2024-01-22</discovery>
+      <entry>2024-02-23</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="80ad6d6c-b398-457f-b88f-bf6be0bbad44">
     <topic>electron27 -- multiple vulnerabilities</topic>
     <affects>