Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bbe1c48c by Moritz Mühlenhoff at 2023-05-24T16:01:48+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -54,11 +54,15 @@ CVE-2023-31669 (WebAssembly wat2wasm v1.0.32 allows
attackers to cause a libc++a
NOTE: https://github.com/WebAssembly/wabt/issues/2165
NOTE: Crash in CLI tool, no security impact
CVE-2023-31518 (A heap use-after-free in the component
CDataFileReader::GetItem of tee ...)
- - teeworlds <unfixed>
+ - teeworlds <unfixed> (bug #1036703)
+ [bookworm] - teeworlds <ignored> (Minor issue)
+ [bullseye] - teeworlds <ignored> (Minor issue)
NOTE:
https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b
NOTE: https://github.com/teeworlds/teeworlds/issues/2970
CVE-2023-31517 (Teeworlds v0.7.5 was discovered to contain memory leaks.)
- - teeworlds <unfixed>
+ - teeworlds <unfixed> (bug #1036703)
+ [bookworm] - teeworlds <ignored> (Minor issue)
+ [bullseye] - teeworlds <ignored> (Minor issue)
NOTE:
https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b
CVE-2023-2703 (Exposure of Private Personal Information to an Unauthorized
Actor vuln ...)
NOT-FOR-US: Finex Media Competition Management System
@@ -130,21 +134,25 @@ CVE-2023-31584 (GitHub repository cu/silicon commit
a9ef36 was discovered to con
NOT-FOR-US: cu/silicon
CVE-2023-2840 (NULL Pointer Dereference in GitHub repository gpac/gpac prior
to 2.2.2 ...)
- gpac <unfixed>
+ [bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/21926fc2-6eb1-4e24-8a36-e60f487d0257/
NOTE:
https://github.com/gpac/gpac/commit/ba59206b3225f0e8e95a27eff41cb1c49ddf9a37
CVE-2023-2839 (Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2.)
- gpac <unfixed>
+ [bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/42dce889-f63d-4ea9-970f-1f20fc573d5f/
NOTE:
https://github.com/gpac/gpac/commit/047f96fb39e6bf70cb9f344093f5886e51dce0ac
CVE-2023-2838 (Out-of-bounds Read in GitHub repository gpac/gpac prior to
2.2.2.)
- gpac <unfixed>
+ [bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/711e0988-5345-4c01-a2fe-1179604dd07f/
NOTE:
https://github.com/gpac/gpac/commit/c88df2e202efad214c25b4e586f243b2038779ba
CVE-2023-2837 (Stack-based Buffer Overflow in GitHub repository gpac/gpac
prior to 2. ...)
- gpac <unfixed>
+ [bullseye] - gpac <no-dsa> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/a6bfd1b2-aba8-4c6f-90c4-e95b1831cb17/
NOTE:
https://github.com/gpac/gpac/commit/6f28c4cd607d83ce381f9b4a9f8101ca1e79c611
@@ -323,7 +331,7 @@ CVE-2019-25137 (Umbraco CMS 4.11.8 through 7.15.10, and
7.12.4, allows Remote Co
CVE-2023-32763
- qt6-base 6.4.2+dfsg-8
- qtbase-opensource-src 5.15.8+dfsg-10
- - qtbase-opensource-src-gles <unfixed>
+ - qtbase-opensource-src-gles <unfixed> (bug #1036702)
NOTE:
https://lists.qt-project.org/pipermail/announce/2023-May/000413.html
NOTE:
https://download.qt.io/official_releases/qt/5.15/CVE-2023-32763-qtbase-5.15.diff
NOTE:
https://download.qt.io/official_releases/qt/6.5/CVE-2023-32763-qtbase-6.5.diff
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbe1c48c966eb3da57e8269550e7ab7a8960a088
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bbe1c48c966eb3da57e8269550e7ab7a8960a088
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
