SUSE-SU-2024:4433-1
Vulnerability from csaf_suse - Published: 2024-12-30 08:23 - Updated: 2024-12-30 08:23Summary
Security update for govulncheck-vulndb
Notes
Title of the patch
Security update for govulncheck-vulndb
Description of the patch
This update for govulncheck-vulndb fixes the following issues:
- Update to version 0.0.20241218T202206 2024-12-18T20:22:06Z. (jsc#PED-11136)
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2024-3333
- Update to version 0.0.20241218T163557 2024-12-18T16:35:57Z. (jsc#PED-11136)
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2024-3331 GHSA-9j3m-fr7q-jxfw
* GO-2024-3334 GHSA-qqc8-rv37-79q5
* GO-2024-3335 GHSA-xx83-cxmq-x89m
* GO-2024-3336 GHSA-cwq8-g58r-32hg
* GO-2024-3337 GHSA-69pr-78gv-7c6h
* GO-2024-3338 GHSA-826h-p4c3-477p
* GO-2024-3339 GHSA-8wcc-m6j2-qxvm
* GO-2024-3340 GHSA-v647-h8jj-fw5r
- Update to version 0.0.20241213T205935 2024-12-13T20:59:35Z. (jsc#PED-11136)
Go CVE Numbering Authority IDs added or updated with aliases:
* GO-2022-0635 GHSA-7f33-f4f5-xwgw
* GO-2022-0646 GHSA-f5pg-7wfw-84q9
* GO-2022-0828 GHSA-fx8w-mjvm-hvpc
* GO-2023-2170 GHSA-q78c-gwqw-jcmc
* GO-2023-2330 GHSA-7fxm-f474-hf8w
* GO-2024-2901 GHSA-8hqg-whrw-pv92
* GO-2024-3104 GHSA-846m-99qv-67mg
* GO-2024-3122 GHSA-q3hw-3gm4-w5cr
* GO-2024-3140 GHSA-xxxw-3j6h-q7h6
* GO-2024-3169 GHSA-fhqq-8f65-5xfc
* GO-2024-3186 GHSA-586p-749j-fhwp
* GO-2024-3205 GHSA-xhr3-wf7j-h255
* GO-2024-3218 GHSA-mqr9-hjr8-2m9w
* GO-2024-3245 GHSA-95j2-w8x7-hm88
* GO-2024-3248 GHSA-p26r-gfgc-c47h
* GO-2024-3259 GHSA-p7mv-53f2-4cwj
* GO-2024-3265 GHSA-gppm-hq3p-h4rp
* GO-2024-3268 GHSA-r864-28pw-8682
* GO-2024-3279 GHSA-7225-m954-23v7
* GO-2024-3282 GHSA-r4pg-vg54-wxx4
* GO-2024-3286 GHSA-27wf-5967-98gx
* GO-2024-3293
* GO-2024-3295 GHSA-55v3-xh23-96gh
* GO-2024-3302 GHSA-px8v-pp82-rcvr
* GO-2024-3306 GHSA-7mwh-q3xm-qh6p
* GO-2024-3312 GHSA-4c49-9fpc-hc3v
* GO-2024-3313 GHSA-jpmc-7p9c-4rxf
* GO-2024-3314 GHSA-c2xf-9v2r-r2rx
* GO-2024-3315
* GO-2024-3319 GHSA-vmg2-r3xv-r3xf
* GO-2024-3321 GHSA-v778-237x-gjrc
* GO-2024-3323 GHSA-25w9-wqfq-gwqx
* GO-2024-3324 GHSA-4pjc-pwgq-q9jp
* GO-2024-3325 GHSA-c7xh-gjv4-4jgv
* GO-2024-3326 GHSA-fqj6-whhx-47p7
* GO-2024-3327 GHSA-xx68-37v4-4596
* GO-2024-3330 GHSA-7prj-hgx4-2xc3
Patchnames
SUSE-2024-4433,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4433,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4433,openSUSE-SLE-15.5-2024-4433,openSUSE-SLE-15.6-2024-4433
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for govulncheck-vulndb",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for govulncheck-vulndb fixes the following issues:\n\n- Update to version 0.0.20241218T202206 2024-12-18T20:22:06Z. (jsc#PED-11136)\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2024-3333\n\n- Update to version 0.0.20241218T163557 2024-12-18T16:35:57Z. (jsc#PED-11136)\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2024-3331 GHSA-9j3m-fr7q-jxfw\n * GO-2024-3334 GHSA-qqc8-rv37-79q5\n * GO-2024-3335 GHSA-xx83-cxmq-x89m\n * GO-2024-3336 GHSA-cwq8-g58r-32hg\n * GO-2024-3337 GHSA-69pr-78gv-7c6h\n * GO-2024-3338 GHSA-826h-p4c3-477p\n * GO-2024-3339 GHSA-8wcc-m6j2-qxvm\n * GO-2024-3340 GHSA-v647-h8jj-fw5r\n\n- Update to version 0.0.20241213T205935 2024-12-13T20:59:35Z. (jsc#PED-11136)\n Go CVE Numbering Authority IDs added or updated with aliases:\n * GO-2022-0635 GHSA-7f33-f4f5-xwgw\n * GO-2022-0646 GHSA-f5pg-7wfw-84q9\n * GO-2022-0828 GHSA-fx8w-mjvm-hvpc\n * GO-2023-2170 GHSA-q78c-gwqw-jcmc\n * GO-2023-2330 GHSA-7fxm-f474-hf8w\n * GO-2024-2901 GHSA-8hqg-whrw-pv92\n * GO-2024-3104 GHSA-846m-99qv-67mg\n * GO-2024-3122 GHSA-q3hw-3gm4-w5cr\n * GO-2024-3140 GHSA-xxxw-3j6h-q7h6\n * GO-2024-3169 GHSA-fhqq-8f65-5xfc\n * GO-2024-3186 GHSA-586p-749j-fhwp\n * GO-2024-3205 GHSA-xhr3-wf7j-h255\n * GO-2024-3218 GHSA-mqr9-hjr8-2m9w\n * GO-2024-3245 GHSA-95j2-w8x7-hm88\n * GO-2024-3248 GHSA-p26r-gfgc-c47h\n * GO-2024-3259 GHSA-p7mv-53f2-4cwj\n * GO-2024-3265 GHSA-gppm-hq3p-h4rp\n * GO-2024-3268 GHSA-r864-28pw-8682\n * GO-2024-3279 GHSA-7225-m954-23v7\n * GO-2024-3282 GHSA-r4pg-vg54-wxx4\n * GO-2024-3286 GHSA-27wf-5967-98gx\n * GO-2024-3293\n * GO-2024-3295 GHSA-55v3-xh23-96gh\n * GO-2024-3302 GHSA-px8v-pp82-rcvr\n * GO-2024-3306 GHSA-7mwh-q3xm-qh6p\n * GO-2024-3312 GHSA-4c49-9fpc-hc3v\n * GO-2024-3313 GHSA-jpmc-7p9c-4rxf\n * GO-2024-3314 GHSA-c2xf-9v2r-r2rx\n * GO-2024-3315\n * GO-2024-3319 GHSA-vmg2-r3xv-r3xf\n * GO-2024-3321 GHSA-v778-237x-gjrc\n * GO-2024-3323 GHSA-25w9-wqfq-gwqx\n * GO-2024-3324 GHSA-4pjc-pwgq-q9jp\n * GO-2024-3325 GHSA-c7xh-gjv4-4jgv\n * GO-2024-3326 GHSA-fqj6-whhx-47p7\n * GO-2024-3327 GHSA-xx68-37v4-4596\n * GO-2024-3330 GHSA-7prj-hgx4-2xc3\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-4433,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4433,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4433,openSUSE-SLE-15.5-2024-4433,openSUSE-SLE-15.6-2024-4433",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_4433-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:4433-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20244433-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:4433-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-December/020055.html"
}
],
"title": "Security update for govulncheck-vulndb",
"tracking": {
"current_release_date": "2024-12-30T08:23:59Z",
"generator": {
"date": "2024-12-30T08:23:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:4433-1",
"initial_release_date": "2024-12-30T08:23:59Z",
"revision_history": [
{
"date": "2024-12-30T08:23:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch",
"product": {
"name": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch",
"product_id": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch"
},
"product_reference": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch"
},
"product_reference": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch"
},
"product_reference": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch"
},
"product_reference": "govulncheck-vulndb-0.0.20241218T202206-150000.1.23.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…