Ben Hutchings pushed to branch master at Debian Security Tracker / security-tracker
Commits: fd21b526 by Ben Hutchings at 2023-04-24T00:39:48+02:00 Fill in details of the CVE IDs assigned for sgt-puzzles 7 CVE IDs have been assigned, but not published, for issues covered by Debian bug #1028986. Use my own summaries for these. No CVE IDs were requested for the issues covered by Debian bug #1034190. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -19774,24 +19774,38 @@ CVE-2023-24293 RESERVED CVE-2023-24292 RESERVED -CVE-2023-24291 - RESERVED +CVE-2023-24291 (A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <no-dsa> (Minor issue) + [buster] - sgt-puzzles <no-dsa> (Minor issue) CVE-2023-24290 RESERVED CVE-2023-24289 RESERVED -CVE-2023-24288 - RESERVED -CVE-2023-24287 - RESERVED -CVE-2023-24286 - RESERVED -CVE-2023-24285 - RESERVED -CVE-2023-24284 - RESERVED -CVE-2023-24283 - RESERVED +CVE-2023-24288 (A crafted save file can cause a buffer overrun in Simon Tatham's Portable Puzzle Collection) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <no-dsa> (Minor issue) + [buster] - sgt-puzzles <no-dsa> (Minor issue) +CVE-2023-24287 (A crafted save file can cause a buffer overrun in the Undead puzzle) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <no-dsa> (Minor issue) + [buster] - sgt-puzzles <no-dsa> (Minor issue) +CVE-2023-24286 (A crafted save file can cause a buffer overrun in the Mosaic puzzle) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <not-affected> (Vulnerable code introduced later) + [buster] - sgt-puzzles <not-affected> (Vulnerable code introduced later) +CVE-2023-24285 (A crafted save file can cause a buffer overrun in the Netslide puzzle) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <no-dsa> (Minor issue) + [buster] - sgt-puzzles <no-dsa> (Minor issue) +CVE-2023-24284 (A crafted save file can cause a buffer overrun in the Guess puzzle) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <no-dsa> (Minor issue) + [buster] - sgt-puzzles <no-dsa> (Minor issue) +CVE-2023-24283 (A crafted save file can cause a buffer overrun in the Guess puzzle) + - sgt-puzzles 20230122.806ae71-1 (bug #1028986) + [bullseye] - sgt-puzzles <no-dsa> (Minor issue) + [buster] - sgt-puzzles <no-dsa> (Minor issue) CVE-2023-24282 (An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 al ...) NOT-FOR-US: Poly Trio 8800 CVE-2023-24281 @@ -21761,15 +21775,6 @@ CVE-2023-0307 (Weak Password Requirements in GitHub repository thorsten/phpmyfaq NOT-FOR-US: phpmyfaq CVE-2023-0306 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...) NOT-FOR-US: phpmyfaq -CVE-2023-XXXX [More security bugs in game loading] - [experimental] - sgt-puzzles 20230410.71cf891-1 - - sgt-puzzles 20230122.806ae71-2 (bug #1034190) - [bullseye] - sgt-puzzles <no-dsa> (Minor issue) - [buster] - sgt-puzzles <no-dsa> (Minor issue) -CVE-2023-XXXX [Multiple integer overflow and buffer overflow issues in game loading] - - sgt-puzzles 20230122.806ae71-1 (bug #1028986) - [bullseye] - sgt-puzzles <no-dsa> (Minor issue) - [buster] - sgt-puzzles <no-dsa> (Minor issue) CVE-2023-0305 (A vulnerability classified as critical was found in SourceCodester Onl ...) NOT-FOR-US: SourceCodester Online Food Ordering System CVE-2023-0304 (A vulnerability classified as critical has been found in SourceCodeste ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd21b526efa1d9023cdaf587f5f41123f8e2e1a6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd21b526efa1d9023cdaf587f5f41123f8e2e1a6 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits