Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: b285cbab by Anton Gladky at 2023-07-31T19:04:58+02:00 CVE-2020-22402: mark as not-affected for buster - - - - - 20387165 by Anton Gladky at 2023-07-31T19:04:59+02:00 LTS: add bouncycastle - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -214874,7 +214874,9 @@ CVE-2020-22403 (Cross Site Request Forgery (CSRF) vulnerability in Express cart NOT-FOR-US: Node express-cart CVE-2020-22402 (Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 ...) - sogo 4.3.2-1 + [buster] - sogo <not-affected> (Vulnerable code added later) NOTE: https://bugs.sogo.nu//view.php?id=4979 + NOTE: https://github.com/Alinto/sogo/commit/d1dbceb407b37aff6563d06194189965af39cf3e CVE-2020-22401 RESERVED CVE-2020-22400 ===================================== data/dla-needed.txt ===================================== @@ -24,6 +24,9 @@ rather than remove/replace existing ones. amanda (Thorsten Alteholz) NOTE: 20230730: Added by Front-Desk (apo) -- +bouncycastle + NOTE: 20230731: Added by Front-Desk (gladk) +-- cairosvg (gladk) NOTE: 20230323: Added by Front-Desk (gladk) NOTE: 20230411: Proposed solution for CVE-2023-27586 in Buster to backport the --unsafe switch, introduced in 1.0.21, might work (dleidert/inactive) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/abfb15aa3b763450b48fc626260a925efd9a79e8...203871654dfc7032aa83961ac891d40daea608a4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/abfb15aa3b763450b48fc626260a925efd9a79e8...203871654dfc7032aa83961ac891d40daea608a4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits