Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: e2485968 by Moritz Muehlenhoff at 2023-06-23T17:13:33+02:00 bugnums - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -25,13 +25,13 @@ CVE-2023-35131 (Content on the groups page required additional sanitizing to pre CVE-2023-34553 (An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attacke ...) NOT-FOR-US: WAFU Keyless Smart Lock CVE-2023-34462 (Netty is an asynchronous event-driven network application framework fo ...) - - netty <unfixed> + - netty <unfixed> (bug #1038947) [bookworm] - netty <postponed> (Minor issue, fix along in future update) [bullseye] - netty <postponed> (Minor issue, fix along in future update) NOTE: https://github.com/netty/netty/security/advisories/GHSA-6mjq-h674-j845 NOTE: https://github.com/netty/netty/commit/535da17e45201ae4278c0479e6162bb4127d4c32 CVE-2023-34110 (Flask-AppBuilder is an application development framework, built on top ...) - - flask-appbuilder <unfixed> + - flask-appbuilder <unfixed> (bug #1038948) NOTE: https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3 NOTE: https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626 CVE-2023-33299 (A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, ...) @@ -1185,7 +1185,7 @@ CVE-2023-34334 (AMI BMC contains a vulnerability in the SPX REST API, where an a NOT-FOR-US: AMI BMC CVE-2023-34246 (Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to ...) [experimental] - ruby-doorkeeper 5.6.6-1 - - ruby-doorkeeper <unfixed> + - ruby-doorkeeper <unfixed> (bug #1038950) NOTE: https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-7w2c-w47h-789w NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/1589 NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/1646 @@ -1468,7 +1468,7 @@ CVE-2023-3142 (Cross-site Scripting (XSS) - Stored in GitHub repository microweb CVE-2023-3140 (Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNI ...) NOT-FOR-US: KNIME Business Hub CVE-2023-34237 (SABnzbd is an open source automated Usenet download tool. A design fla ...) - - sabnzbdplus <unfixed> + - sabnzbdplus <unfixed> (bug #1038949) NOTE: https://github.com/sabnzbd/sabnzbd/commit/422b4fce7bfd56e95a315be0400cdfdc585df7cc (4.0.2RC2) NOTE: https://github.com/sabnzbd/sabnzbd/commit/e3a722664819d1c7c8fab97144cc299b1c18b429 (4.0.2RC2) NOTE: https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-hhgh-xgh3-985r View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2485968a26afec7abc09305989d7b8765fe2b92 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2485968a26afec7abc09305989d7b8765fe2b92 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits