Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 64582bbf by Salvatore Bonaccorso at 2023-05-18T14:20:09+02:00 Update notes for sysstat CVEs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,7 +1,9 @@ CVE-2023-33204 (sysstat through 12.7.2 allows a multiplication integer overflow in che ...) - sysstat <unfixed> + [bullseye] - sysstat <not-affected> (Incomplete fix for CVE-2022-39377 not applied) NOTE: https://github.com/sysstat/sysstat/pull/360 NOTE: https://github.com/sysstat/sysstat/commit/954ff2e2673cef48f0ed44668c466eab041db387 + NOTE: this issue exists because of an incomplete fix for CVE-2022-39377. CVE-2023-33203 (The Linux kernel before 6.2.9 has a race condition and resultant use-a ...) - linux 6.1.25-1 [bullseye] - linux 5.10.178-1 @@ -57226,6 +57228,7 @@ CVE-2022-39377 (sysstat is a set of system performance tools for the Linux opera [bullseye] - sysstat <no-dsa> (Minor issue) NOTE: https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7x NOTE: https://github.com/sysstat/sysstat/commit/9c4eaf150662ad40607923389d4519bc83b93540 (v12.7.1) + NOTE: The original fix is incomplete and opens up CVE-2023-33204. CVE-2022-39376 (GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Fre ...) - glpi <removed> (unimportant) NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-6rh5-m5g7-327w View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64582bbfb009a8c72a067a8738edb41846c86ae1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64582bbfb009a8c72a067a8738edb41846c86ae1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits