Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
47f27dbf by Sylvain Beucler at 2024-11-27T11:09:08+01:00
CVE-2023-46137/twisted: reference introductory commit and version
Tracked down when checking stretch/16.6.0.
In that version, new CVE-related tests:
- pass without any fix
- fail when cherry-picking this commit 7dbfa7734a4addc13c28dd35c097403b9581c5bb
- pass again with the referenced fix 1e6e9d23cac59689760558dcb6634285e694b04c
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -102796,6 +102796,9 @@ CVE-2023-46137 (Twisted is an event-based framework
for internet applications. P
[buster] - twisted <no-dsa> (Minor issue)
NOTE:
https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm
NOTE:
https://github.com/twisted/twisted/commit/1e6e9d23cac59689760558dcb6634285e694b04c
(twisted-23.10.0rc1)
+ NOTE: Introduced by:
https://github.com/twisted/twisted/commit/7dbfa7734a4addc13c28dd35c097403b9581c5bb
(twisted-17.9.0)
+ NOTE: See also preceding commit introducing _optimisticEagerReadSize
and rationale:
+ NOTE:
https://github.com/twisted/twisted/commit/5da381289952a46e9a11e9c2f1fe763bc64efdf6
(twisted-17.9.0)
CVE-2023-46134 (D-Tale is the combination of a Flask back-end and a React
front-end to ...)
NOT-FOR-US: D-Tale
CVE-2023-46133 (CryptoES is a cryptography algorithms library compatible with
ES6 and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47f27dbf7bb15b648c30b8c2b204a7434c4d59ea
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47f27dbf7bb15b648c30b8c2b204a7434c4d59ea
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
