English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.856146
Category:openSUSE Local Security Checks
Title:openSUSE Security Advisory (openSUSE-SU-2024:0130-1)
Summary:The remote host is missing an update for the 'git-cliff' package(s) announced via the openSUSE-SU-2024:0130-1 advisory.
Description:Summary:
The remote host is missing an update for the 'git-cliff' package(s) announced via the openSUSE-SU-2024:0130-1 advisory.

Vulnerability Insight:
This update for git-cliff fixes the following issues:

- update to 2.2.2:
* (changelog) Allow adding custom context
* (changelog) Ignore empty lines when using split_commits
* (parser) Allow matching empty commit body
* Documentation updates

- update to 2.2.1:
* Make rendering errors more verbose
* Support detecting config from project manifest
* Make the bump version rules configurable
* bug fixes and documentation updates
- CVE-2024-32650: rust-rustls: Infinite loop with proper client
input fixes (boo#1223218)

- Update to version 2.1.2:
* feat(npm): add programmatic API for TypeScript
* chore(fixtures): enable verbose logging for output
* refactor(clippy): apply clippy suggestions
* refactor(changelog): do not output to stdout when prepend is used
* feat(args): add `--tag-pattern` argument
* fix(config): fix commit parser regex in the default config
* fix(github): sanitize the GitHub token in debug logs
* chore(config): add animation to the header of the changelog
* refactor(clippy): apply clippy suggestions
* docs(security): update security policy
* chore(project): add readme to core package
* chore(embed): do not allow missing docs
* chore(config): skip dependabot commits for dev updates
* docs(readme): mention RustLab 2023 talk
* chore(config): revamp the configuration files
* chore(docker): update versions in Dockerfile
* chore(example): use full links in GitHub templates
* chore(project): bump MSRV to 1.74.1
* revert(config): use postprocessors for checking the typos
* feat(template): support using PR labels in the GitHub template
* docs(configuration): fix typo
* feat(args): add `--no-exec` flag for skipping command execution
* chore(command): explicitly set the directory of command to current dir
* refactor(ci): use hardcoded workspace members for cargo-msrv command
* refactor(ci): simplify cargo-msrv installation
* refactor(clippy): apply clippy suggestions
* refactor(config): use postprocessors for checking the typos
* chore(project): update copyright years
* chore(github): update templates about GitHub integration
* feat(changelog): set the timestamp of the previous release
* feat(template): support using PR title in the GitHub template
* feat(changelog): improve skipping via `.cliffignore` and `--skip-commit`
* chore(changelog): disable the default behavior of next-version
* fix(git): sort commits in topological order
* test(changelog): use the correct version for missing tags
* chore(changelog): use 0.1.0 as default next release if no tag is found
* feat(github)!: support integration with GitHub repos
* refactor(changelog): support `--bump` for processed releases
* fix(cli): fix broken pipe when stdout is interrupted
* test(fixtures): update the bumped value output to add prefix
* feat(changelog): support tag prefixes with `--bump`
* feat(changelog)!: set tag to `0.0.1` via `--bump` if no tags exist
* ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'git-cliff' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2024-32650
https://github.com/rustls/rustls/commit/2123576840aa31043a31b0770e6572136fbe0c2d
https://github.com/rustls/rustls/commit/6e938bcfe82a9da7a2e1cbf10b928c7eca26426e
https://github.com/rustls/rustls/commit/f45664fbded03d833dffd806503d3c8becd1b71e
https://github.com/rustls/rustls/security/advisories/GHSA-6g7w-8wpp-frhj
CopyrightCopyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.