Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: 53d95b27 by Anton Gladky at 2023-07-09T20:45:19+02:00 Mark CVE-2023-36201 as ignored for buster - - - - - ebd698e1 by Anton Gladky at 2023-07-09T20:45:19+02:00 Mark CVE-2023-3523 as EOL for buster (gpac) - - - - - 2533cd69 by Anton Gladky at 2023-07-09T20:45:19+02:00 LTS: Add node-tough-cookie - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -109,6 +109,7 @@ CVE-2023-36256 (The Online Examination System Project 1.0 version is vulnerable CVE-2023-36201 (An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker ...) - iotjs <removed> [bullseye] - iotjs <ignored> (Minor issue) + [buster] - iotjs <ignored> (Minor issue) NOTE: https://github.com/jerryscript-project/jerryscript/issues/5026 CVE-2023-34197 (Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP ...) NOT-FOR-US: Zoho @@ -160,6 +161,7 @@ CVE-2023-3523 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. - gpac <unfixed> NOTE: https://huntr.dev/bounties/57e0be03-8484-415e-8b5c-c1fe4546eaac/ NOTE: https://github.com/gpac/gpac/commit/64201a26476c12a7dbd7ffb5757743af6954db96 + [buster] - gpac <end-of-life> (EOL in buster LTS) CVE-2023-3456 (Vulnerability of kernel raw address leakage in the hang detector modu ...) NOT-FOR-US: Huawei CVE-2023-37454 (An issue was discovered in the Linux kernel through 6.4.2. A crafted U ...) ===================================== data/dla-needed.txt ===================================== @@ -103,6 +103,9 @@ linux (Ben Hutchings) mediawiki (Markus Koschany) NOTE: 20230701: Added by Front-Desk (ta) -- +node-tough-cookie + NOTE: 20230709: Added by Front-Desk (gladk) +-- nova NOTE: 20230302: Re-add, request by maintainer (Beuc) NOTE: 20230302: zigo says that DLA 3302-1 ships a buster-specific CVE-2022-47951 backport that introduces regression @@ -132,6 +135,9 @@ openjdk-11 (Emilio) NOTE: 20230612: sid updated, preparing backport (pochu) NOTE: 20230627: waiting for DSA (pochu) -- +pandoc + NOTE: 20230709: Added by Front-Desk (gladk) +-- php-dompdf (rouca) NOTE: 20230618: Added by Front-Desk (opal) NOTE: 20230618: Low priority but higher than to not fix it. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/00404a33424169134995001a541dfecc28fd17a8...2533cd69dae703e8ebb5ec18e44b2b682bcf950d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/00404a33424169134995001a541dfecc28fd17a8...2533cd69dae703e8ebb5ec18e44b2b682bcf950d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits