Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7c04442c by Moritz Muehlenhoff at 2023-04-10T19:53:01+02:00 bookworm triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5852,6 +5852,7 @@ CVE-2023-28339 (OpenDoas through 6.8.2, when TIOCSTI is available, allows privil - doas <removed> [bullseye] - doas <no-dsa> (Minor issue) - opendoas <unfixed> (bug #1034185) + [bookworm] - opendoas <ignored> (Minor issue, will be addressed via kernel change which isn't in 6.1 yet) NOTE: https://github.com/Duncaen/OpenDoas/issues/106 NOTE: https://www.openwall.com/lists/oss-security/2023/03/14/4 NOTE: Restricting ioctl on the kernel side seems the better approach, patches have been @@ -66389,7 +66390,6 @@ CVE-2022-2211 (A vulnerability was found in libguestfs. This issue occurs while [bullseye] - libguestfs <no-dsa> (Minor issue) [buster] - libguestfs <no-dsa> (Minor issue) - guestfs-tools 1.48.3-4 (bug #1014764) - [bookworm] - guestfs-tools <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2100862 NOTE: In 1:1.46.2-1 of src:libguestfs the tools were split out to src:guestfs-tools, marking that as fixed version NOTE: https://listman.redhat.com/archives/libguestfs/2022-June/029274.html View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c04442cf2acead3b42fca985065690d3cafac99 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c04442cf2acead3b42fca985065690d3cafac99 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits