Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: b7436bf6 by Moritz Muehlenhoff at 2023-09-11T21:24:19+02:00 bugnums - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1616,13 +1616,11 @@ CVE-2023-41362 (MyBB before 1.8.36 allows Code Injection by users with certain h CVE-2023-41037 (OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In ...) - node-openpgp <itp> (bug #787774) CVE-2023-40890 (A stack-based buffer overflow vulnerability exists in the lookup_seque ...) - - zbar <unfixed> + - zbar <unfixed> (bug #1051724) NOTE: https://hackmd.io/@cspl/H1PxPAUnn - TODO: check if reported upsream CVE-2023-40889 (A heap-based buffer overflow exists in the qr_reader_match_centers fun ...) - - zbar <unfixed> + - zbar <unfixed> (bug #1051724) NOTE: https://hackmd.io/@cspl/B1ZkFZv23 - TODO: check if reported upstream CVE-2023-40787 (In SpringBlade V3.6.0 when executing SQL query, the parameters submitt ...) NOT-FOR-US: SpringBlade CVE-2023-3646 (On affected platforms running Arista EOS with mirroring to multiple de ...) @@ -1902,9 +1900,8 @@ CVE-2023-4569 (A memory leak flaw was found in nft_set_catchall_flush in net/net - linux 6.4.13-1 NOTE: https://git.kernel.org/linus/90e5b3462efa37b8bba82d7c4e63683856e188af (6.5-rc7) CVE-2023-4567 - - ansible <undetermined> + - ansible <unfixed> (bug #1051725) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2235369 - TODO: check, no upstream information provided in RHBZ#2235369 CVE-2023-4563 [Use-after-free in nft_verdict_dump due to a race between set GC and transaction] - linux 6.4.13-1 NOTE: https://lore.kernel.org/netdev/20230810070830.24064-1-pa...@netfilter.org/ @@ -216055,11 +216052,10 @@ CVE-2020-24906 CVE-2020-24905 RESERVED CVE-2020-24904 (An issue was discovered in attach parameter in GNOME Gmail version 2.5 ...) - - gnome-gmail <removed> + - gnome-gmail <removed> (bug #1051726) [bullseye] - gnome-gmail <no-dsa> (Minor issue) [buster] - gnome-gmail <no-dsa> (Minor issue) NOTE: https://github.com/davesteele/gnome-gmail/issues/84 - TODO: check, might be an issue as well in src:viagee CVE-2020-24903 (Cute Editor for ASP.NET 6.4 is vulnerable to reflected cross-site scri ...) NOT-FOR-US: Cute Editor for ASP.NET CVE-2020-24902 (Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XS ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7436bf6a0b0a5b4a0594f1da124270f0fdf91f9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7436bf6a0b0a5b4a0594f1da124270f0fdf91f9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits