[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Sat, 28 Oct 2023 07:49:27 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
763c8647 by Moritz Muehlenhoff at 2023-10-28T16:46:20+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,11 +7,11 @@ CVE-2023-5830 (A vulnerability classified as critical has 
been found in Columbia
 CVE-2023-46587 (Buffer Overflow vulnerability in XnView Classic v.2.51.5 
allows a loca ...)
        NOT-FOR-US: XnView
 CVE-2023-46570 (An out-of-bounds read in radare2 v.5.8.9 and before exists in 
the prin ...)
-       - radare2 <unfixed>
+       - radare2 <unfixed> (bug #1054908)
        NOTE: https://github.com/radareorg/radare2/issues/22333
        NOTE: Fixed by: 
https://github.com/radareorg/radare2/commit/3e406459f163eba7672b3421c8a84b2c0e4ac0f8
 CVE-2023-46569 (An out-of-bounds read in radare2 v.5.8.9 and before exists in 
the prin ...)
-       - radare2 <unfixed>
+       - radare2 <unfixed> (bug #1054908)
        NOTE: https://github.com/radareorg/radare2/issues/22334
        NOTE: Fixed by: 
https://github.com/radareorg/radare2/commit/2e2f2a9b1800d09be09461e7536ac03a301f97f2
 CVE-2023-46510 (An issue in ZIONCOM (Hong Kong) Technology Limited A7000R 
v.4.1cu.4154 ...)
@@ -119,7 +119,7 @@ CVE-2023-46852 (In Memcached before 1.6.22, a buffer 
overflow exists when proces
        [bullseye] - memcached <no-dsa> (Minor issue)
        NOTE: 
https://github.com/memcached/memcached/commit/76a6c363c18cfe7b6a1524ae64202ac9db330767
 (1.6.22)
 CVE-2023-46604 (Apache ActiveMQ is vulnerable to Remote Code Execution.The 
vulnerabili ...)
-       - activemq <unfixed>
+       - activemq <unfixed> (bug #1054909)
        NOTE: 
https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
        NOTE: http://www.openwall.com/lists/oss-security/2023/10/27/5
 CVE-2023-46407 (FFmpeg prior to commit bf814 was discovered to contain an out 
of bound ...)
@@ -2111,7 +2111,7 @@ CVE-2023-4215 (Advantech WebAccess version 9.1.3 contains 
an exposure of sensiti
 CVE-2023-4089 (On affected Wago products an remote attacker with 
administrative privi ...)
        NOT-FOR-US: Wago
 CVE-2023-45807 (OpenSearch is a community-driven, open source fork of 
Elasticsearch an ...)
-       - opensearch <unfixed>
+       - opensearch <unfixed> (bug #1054912)
        NOTE: 
https://github.com/opensearch-project/security/security/advisories/GHSA-72q2-gwwf-6hrv
 CVE-2023-45659 (Engelsystem is a shift planning system for chaos events.  If a 
users'  ...)
        NOT-FOR-US: Engelsystem
@@ -23962,7 +23962,7 @@ CVE-2023-31143 (mage-ai is an open-source data pipeline 
tool for transforming an
 CVE-2023-31142 (Discourse is an open source discussion platform. Prior to 
version 3.0. ...)
        NOT-FOR-US: Discourse
 CVE-2023-31141 (OpenSearch is open-source software suite for search, 
analytics, and ob ...)
-       - opensearch <unfixed>
+       - opensearch <unfixed> (bug #1054912)
        NOTE: 
https://github.com/opensearch-project/security/security/advisories/GHSA-g8xc-6mf7-h28h
 CVE-2023-31140 (OpenProject is open source project management software. 
Starting with  ...)
        NOT-FOR-US: OpenProject
@@ -47056,10 +47056,10 @@ CVE-2023-23615 (Discourse is an open source 
discussion platform. The embeddable
 CVE-2023-23614 (Pi-hole\xae's Web interface (based off of AdminLTE) provides a 
central ...)
        NOT-FOR-US: Pi-Hole
 CVE-2023-23613 (OpenSearch is an open source distributed and RESTful search 
engine. In ...)
-       - opensearch <unfixed>
+       - opensearch <unfixed> (bug #1054912)
        NOTE: 
https://github.com/opensearch-project/security/security/advisories/GHSA-v3cg-7r9h-r2g6
 CVE-2023-23612 (OpenSearch is an open source distributed and RESTful search 
engine. Op ...)
-       - opensearch <unfixed>
+       - opensearch <unfixed> (bug #1054912)
        NOTE: 
https://github.com/opensearch-project/security/security/advisories/GHSA-864v-6qj7-62qj
 CVE-2023-23611 (LTI Consumer XBlock implements the consumer side of the LTI 
specificat ...)
        NOT-FOR-US: LTI



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/763c86473fae0c1f3d3457ca66d9195a496ead8e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/763c86473fae0c1f3d3457ca66d9195a496ead8e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to