Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5ca099e7 by Utkarsh Gupta at 2023-08-26T15:03:57+05:30 Mark poppler CVEs as no-dsa for buster - - - - - 99b5d438 by Utkarsh Gupta at 2023-08-26T15:06:07+05:30 Mark wireshark CVEs as no-dsa for buster - - - - - 3f37c81e by Utkarsh Gupta at 2023-08-26T15:11:45+05:30 Add tryton-server to dla-needed - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -64,6 +64,7 @@ CVE-2023-2906 (Due to a failure in validating the length provided by an attacker - wireshark 4.0.8-1 [bookworm] - wireshark <no-dsa> (Minor issue) [bullseye] - wireshark <no-dsa> (Minor issue) + [buster] - wireshark <no-dsa> (Minor issue) NOTE: https://www.wireshark.org/security/wnpa-sec-2023-26.html NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19229 CVE-2023-4534 (A vulnerability, which was classified as problematic, was found in Neo ...) @@ -309,18 +310,21 @@ CVE-2023-4513 (BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6. - wireshark 4.0.8-1 [bookworm] - wireshark <no-dsa> (Minor issue) [bullseye] - wireshark <no-dsa> (Minor issue) + [buster] - wireshark <no-dsa> (Minor issue) NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19259 NOTE: https://www.wireshark.org/security/wnpa-sec-2023-25.html CVE-2023-4512 (CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of serv ...) - wireshark 4.0.8-1 [bookworm] - wireshark <no-dsa> (Minor issue) [bullseye] - wireshark <no-dsa> (Minor issue) + [buster] - wireshark <no-dsa> (Minor issue) NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19144 NOTE: https://www.wireshark.org/security/wnpa-sec-2023-23.html CVE-2023-4511 (BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 t ...) - wireshark 4.0.8-1 [bookworm] - wireshark <no-dsa> (Minor issue) [bullseye] - wireshark <no-dsa> (Minor issue) + [buster] - wireshark <no-dsa> (Minor issue) NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19258 NOTE: https://www.wireshark.org/security/wnpa-sec-2023-24.html CVE-2023-4230 (A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4 ...) @@ -73733,6 +73737,7 @@ CVE-2022-38350 CVE-2022-38349 (An issue was discovered in Poppler 22.08.0. There is a reachable asser ...) - poppler 22.12.0-2 [bullseye] - poppler <no-dsa> (Minor issue) + [buster] - poppler <no-dsa> (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282 NOTE: Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28 (poppler-22.09.0) CVE-2022-38348 @@ -77123,16 +77128,19 @@ CVE-2022-37053 (TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection vi CVE-2022-37052 (A reachable Object::getString assertion in Poppler 22.07.0 allows atta ...) - poppler 22.08.0-2 [bullseye] - poppler <no-dsa> (Minor issue) + [buster] - poppler <no-dsa> (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278 NOTE: Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c (poppler-22.08.0) CVE-2022-37051 (An issue was discovered in Poppler 22.07.0. There is a reachable abort ...) - poppler 22.08.0-2 [bullseye] - poppler <no-dsa> (Minor issue) + [buster] - poppler <no-dsa> (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1276 NOTE: Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/4631115647c1e4f0482ffe0491c2f38d2231337b (poppler-22.08.0) CVE-2022-37050 (In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers t ...) - poppler 22.08.0-2 [bullseye] - poppler <no-dsa> (Minor issue) + [buster] - poppler <no-dsa> (Minor issue) NOTE: https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274 NOTE: Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990 (poppler-22.08.0) CVE-2022-37049 (The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a ...) ===================================== data/dla-needed.txt ===================================== @@ -246,3 +246,7 @@ trafficserver NOTE: 20230826: Ubuntu side and track the fixing commits. I'll update when NOTE: 20230826: I have the answer here. (utkarsh) -- +tryton-server + NOTE: 20230826: Added by Front-Desk (utkarsh) + NOTE: 20230826: sync with the DSA released. (utkarsh) +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/89d4f988a5442d2dbb52bd91084907ffb7bb6960...3f37c81eb9e0f7a6de071fc7d29e254029f62858 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/89d4f988a5442d2dbb52bd91084907ffb7bb6960...3f37c81eb9e0f7a6de071fc7d29e254029f62858 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits