Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 661627bb by Salvatore Bonaccorso at 2023-06-12T21:00:40+02:00 Update information for CVE-2023-34104/node-webfont - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -514,9 +514,10 @@ CVE-2023-34409 (In Percona Monitoring and Management (PMM) server 2.x before 2.3 CVE-2023-34111 (The `Release PR Merged` workflow in the github repo taosdata/grafanapl ...) NOT-FOR-US: taosdata/grafanaplugin CVE-2023-34104 (fast-xml-parser is an open source, pure javascript xml parser. fast-xm ...) - - node-webfont <unfixed> + - node-webfont <not-affected> (Vulnerable code not present) NOTE: https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-6w63-h3fj-q4vw - NOTE: https://github.com/NaturalIntelligence/fast-xml-parser/commit/39b0e050bb909e8499478657f84a3076e39ce76c (v4.2.3) + NOTE: Introduced by: https://github.com/NaturalIntelligence/fast-xml-parser/commit/a4bdced80369892ee413bf08e28b78795a2b0d5b (v4.1.3) + NOTE: Fixed by: https://github.com/NaturalIntelligence/fast-xml-parser/commit/39b0e050bb909e8499478657f84a3076e39ce76c (v4.2.3) CVE-2023-33977 (Kiwi TCMS is an open source test management system for both manual and ...) NOT-FOR-US: Kiwi TCMS CVE-2023-33959 (notation is a CLI tool to sign and verify OCI artifacts and container ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/661627bb76eaca4f5caf787b5aef24aa6cbe67a2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/661627bb76eaca4f5caf787b5aef24aa6cbe67a2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits