[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage

Sun, 16 Jul 2023 11:00:08 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7dace96e by Moritz Muehlenhoff at 2023-07-16T19:59:28+02:00
bullseye/bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -657,6 +657,7 @@ CVE-2023-37196 (A CWE-89: Improper Neutralization of 
Special Elements vulnerabil
        NOT-FOR-US: Schneider Electric
 CVE-2023-37174 (GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to 
contain a seg ...)
        - gpac <unfixed>
+       [bullseye] - gpac <ignored> (Minor issue)
        [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://github.com/gpac/gpac/issues/2505
        NOTE: 
https://github.com/gpac/gpac/commit/549ff4484246f2bc4d5fec6760332b43774db483
@@ -1546,6 +1547,7 @@ CVE-2023-3528 (A vulnerability was found in ThinuTech 
ThinuCMS 1.5. It has been
        NOT-FOR-US: ThinuTech ThinuCMS
 CVE-2023-3523 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 
2.2.2.)
        - gpac <unfixed>
+       [bullseye] - gpac <ignored> (Minor issue)
        [buster] - gpac <end-of-life> (EOL in buster LTS)
        NOTE: https://huntr.dev/bounties/57e0be03-8484-415e-8b5c-c1fe4546eaac/
        NOTE: 
https://github.com/gpac/gpac/commit/64201a26476c12a7dbd7ffb5757743af6954db96
@@ -4368,9 +4370,13 @@ CVE-2023-33557 (Fuel CMS v1.5.2 was discovered to 
contain a SQL injection vulner
        NOT-FOR-US: Fuel CMS
 CVE-2023-32732 (gRPC contains a vulnerability whereby a client can cause a 
termination ...)
        - grpc <unfixed>
+       [bookworm] - grpc <no-dsa> (Minor issue)
+       [bullseye] - grpc <no-dsa> (Minor issue)
        NOTE: https://github.com/grpc/grpc/pull/32309
 CVE-2023-32731 (When gRPC HTTP2 stack raised a header size exceeded error, it 
skipped  ...)
        - grpc <unfixed>
+       [bookworm] - grpc <no-dsa> (Minor issue)
+       [bullseye] - grpc <no-dsa> (Minor issue)
        NOTE: https://github.com/grpc/grpc/pull/32309
        NOTE: https://github.com/grpc/grpc/pull/33005
 CVE-2023-32312 (UmbracoIdentityExtensions is an Umbraco add-on package that 
enables ea ...)
@@ -16666,6 +16672,8 @@ CVE-2023-1429 (Cross-site Scripting (XSS) - Reflected 
in GitHub repository pimco
        NOT-FOR-US: pimcore
 CVE-2023-1428 (There exists an vulnerability causing an abort() to be called 
in gRPC. ...)
        - grpc <unfixed>
+       [bookworm] - grpc <no-dsa> (Minor issue)
+       [bullseye] - grpc <no-dsa> (Minor issue)
        NOTE: 
https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8 
(v1.54.0-pre1)
 CVE-2023-1427 (- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did 
not en ...)
        NOT-FOR-US: WordPress plugin



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dace96e208c4985be19716090774d0fc4b1a434

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dace96e208c4985be19716090774d0fc4b1a434
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to