[Git][security-tracker-team/security-tracker][master] Add CVE-2023-2248{3,4,5,6}/cmark-gfm

Tue, 31 Jan 2023 00:06:05 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
13a6dea4 by Salvatore Bonaccorso at 2023-01-31T09:05:26+01:00
Add CVE-2023-2248{3,4,5,6}/cmark-gfm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6986,13 +6986,22 @@ CVE-2023-22488 (Flarum is a forum software for building 
communities. Using the n
 CVE-2023-22487 (Flarum is a forum software for building communities. Using the 
mention ...)
        NOT-FOR-US: Flarum
 CVE-2023-22486 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and 
renderin ...)
-       TODO: check
+        - cmark-gfm <unfixed>
+       NOTE: 
https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p
+       NOTE: 
https://github.com/github/cmark-gfm/commit/ece074cc3378f7a8dec0395f00123e9fa6981f7b
 (0.29.0.gfm.7)
+       TODO: check other codebase, python-cmarkgfm, ghostwriter, 
ruby-commonmarker and r-cran-commonmark
 CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and 
renderin ...)
-       TODO: check
+        - cmark-gfm <unfixed>
+       NOTE: 
https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr
+       TODO: check other codebase, python-cmarkgfm, ghostwriter, 
ruby-commonmarker and r-cran-commonmark
 CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and 
renderin ...)
-       TODO: check
+        - cmark-gfm <unfixed>
+       NOTE: 
https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r
+       TODO: check other codebase, python-cmarkgfm, ghostwriter, 
ruby-commonmarker and r-cran-commonmark
 CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and 
renderin ...)
-       TODO: check
+        - cmark-gfm <unfixed>
+       NOTE: 
https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c
+       TODO: check other codebase, python-cmarkgfm, ghostwriter, 
ruby-commonmarker and r-cran-commonmark
 CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for 
Kubernet ...)
        NOT-FOR-US: Argo CD
 CVE-2023-22481



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13a6dea4fe7872df3e34956b7a73343e444de76a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13a6dea4fe7872df3e34956b7a73343e444de76a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to