[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2023-5363/openssl

Tue, 24 Oct 2023 08:11:48 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
784048eb by Salvatore Bonaccorso at 2023-10-24T17:10:38+02:00
Add CVE-2023-5363/openssl

- - - - -
4a3dcab5 by Salvatore Bonaccorso at 2023-10-24T17:11:18+02:00
Add openssl to dsa-needed list

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -50,6 +50,11 @@ CVE-2023-5721
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5721
 CVE-2023-5746 (A vulnerability regarding use of externally-controlled format 
string i ...)
        NOT-FOR-US: Synology
+CVE-2023-5363 [Incorrect cipher key & IV length processing]
+       - openssl <unfixed>
+       [bullseye] - openssl <not-affected> (Vulnerable code not present)
+       [buster] - openssl <not-affected> (Vulnerable code not present)
+       NOTE: https://www.openssl.org/news/secadv/20231024.txt
 CVE-2023-46059 (Cross Site Scripting (XSS) vulnerability in Geeklog-Core 
geeklog v.2.2 ...)
        NOT-FOR-US: Geeklog-Core geeklog
 CVE-2023-46058 (Cross Site Scripting (XSS) vulnerability in Geeklog-Core 
geeklog v.2.2 ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -46,6 +46,8 @@ openjdk-11/oldstable (jmm)
 --
 openjdk-17 (jmm)
 --
+openssl (carnil)
+--
 php-cas/oldstable
 --
 php-horde-mime-viewer/oldstable



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/170e0e91d9d251abf820adf84eb4ee6244834088...4a3dcab575e09aaf2632ec3a9e67c3fd18c5554e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/170e0e91d9d251abf820adf84eb4ee6244834088...4a3dcab575e09aaf2632ec3a9e67c3fd18c5554e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to