Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 50054c99 by Moritz Muehlenhoff at 2023-08-16T13:22:36+02:00 bullseye/bookworm triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -440,6 +440,8 @@ CVE-2023-4105 (Mattermost fails to delete the attachments when deleting a messag CVE-2023-40267 (GitPython before 3.1.32 does not block insecure non-multi options in c ...) {DLA-3502-1} - python-git <unfixed> (bug #1043503) + [bookworm] - python-git <no-dsa> (Minor issue) + [bullseye] - python-git <no-dsa> (Minor issue) NOTE: https://github.com/gitpython-developers/GitPython/pull/1609 NOTE: https://github.com/gitpython-developers/GitPython/commit/5c59e0d63da6180db8a0b349f0ad36fef42aceed (3.1.32) CVE-2023-40260 (EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi ...) @@ -5825,6 +5827,8 @@ CVE-2023-34471 (AMI SPx contains a vulnerability in the BMC where a user may cau NOT-FOR-US: AMI SPx CVE-2023-34457 (MechanicalSoup is a Python library for automating interaction with web ...) - python-mechanicalsoup <unfixed> (bug #1041814) + [bookworm] - python-mechanicalsoup <no-dsa> (Minor issue) + [bullseye] - python-mechanicalsoup <no-dsa> (Minor issue) NOTE: https://github.com/MechanicalSoup/MechanicalSoup/security/advisories/GHSA-x456-3ccm-m6j4 NOTE: https://github.com/MechanicalSoup/MechanicalSoup/commit/d57c4a269bba3b9a0c5bfa20292955b849006d9e (v1.3.0) CVE-2023-34338 (AMI SPx contains a vulnerability in the BMC where an Attacker may caus ...) @@ -193123,6 +193127,7 @@ CVE-2021-20252 (A flaw was found in Red Hat 3scale API Management Platform 2. Th CVE-2021-20251 (A flaw was found in samba. A race condition in the password lockout co ...) [experimental] - samba 2:4.17.1+dfsg-1 - samba 2:4.17.2+dfsg-3 + [bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1) NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14611 NOTE: https://gitlab.com/samba-team/samba/-/merge_requests/2708 CVE-2021-20250 (A flaw was found in wildfly. The JBoss EJB client has publicly accessi ...) @@ -345053,7 +345058,7 @@ CVE-2018-14629 (A denial of service vulnerability was discovered in Samba's LDAP CVE-2018-14628 (An information leak vulnerability was discovered in Samba's LDAP serve ...) - samba <unfixed> (bug #1034803) [bookworm] - samba <postponed> (Minor issue, revisit when fixed upstream) - [bullseye] - samba <postponed> (Minor issue, revisit when fixed upstream) + [bullseye] - samba <ignored> (Domain controller functionality is EOLed, see DSA DSA-5477-1) NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13595 CVE-2018-14627 (The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not h ...) - wildfly <itp> (bug #752018) ===================================== data/dsa-needed.txt ===================================== @@ -18,6 +18,8 @@ chromium -- cinder/oldstable -- +fastdds +-- frr (aron) maintainer proposed to update to 8.4.4 for bookworm, which might be a good idea -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50054c991c4e62a7de9dd70a49ffd22507ba5e34 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50054c991c4e62a7de9dd70a49ffd22507ba5e34 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits