[Git][security-tracker-team/security-tracker][master] bullseye triage

Wed, 15 Feb 2023 08:49:06 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a7c31718 by Moritz Muehlenhoff at 2023-02-15T17:48:34+01:00
bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -235,6 +235,7 @@ CVE-2023-0806
        RESERVED
 CVE-2023-25727 (In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an 
authenticated use ...)
        - phpmyadmin 4:5.2.1+dfsg-1
+       [bullseye] - phpmyadmin <no-dsa> (Minor issue)
        NOTE: https://www.phpmyadmin.net/security/PMASA-2023-1/
 CVE-2023-25726
        RESERVED
@@ -10635,6 +10636,7 @@ CVE-2023-22333 (Cross-site scripting vulnerability in 
EasyMail 2.00.130 and earl
        NOT-FOR-US: EasyMail
 CVE-2023-22332 (Information disclosure vulnerability exists in Pgpool-II 4.4.0 
to 4.4. ...)
        - pgpool2 <unfixed> (bug #1030048)
+       [bullseye] - pgpool2 <no-dsa> (Minor issue)
        NOTE: https://www.pgpool.net/mediawiki/index.php/Main_Page#News
 CVE-2023-22324 (SQL injection vulnerability in the CONPROSYS HMI System (CHS) 
Ver.3.5. ...)
        NOT-FOR-US: CONPROSYS
@@ -72086,6 +72088,7 @@ CVE-2022-27673 (Insufficient access controls in the AMD 
Link Android app may pot
 CVE-2022-27672 (When SMT is enabled, certain AMD processors may speculatively 
execute  ...)
        - linux 6.1.12-1
        - xen <unfixed>
+       [bullseye] - xen <not-affected> (Vulnerable code not present)
        NOTE: https://www.openwall.com/lists/oss-security/2023/02/14/4
        NOTE: 
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1045
        NOTE: https://xenbits.xen.org/xsa/advisory-426.html


=====================================
data/dsa-needed.txt
=====================================
@@ -16,6 +16,8 @@ apr-util (carnil)
 --
 apr (carnil)
 --
+curl
+--
 firefox-esr (jmm)
 --
 frr
@@ -30,6 +32,8 @@ linux (carnil)
 netatalk
   open regression with MacOS, tentative patch not yet merged upstream
 --
+nss
+--
 multipath-tools
   Tobias Frost proposed a potential update to be reviewed, maintainer asked to 
review changes
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7c31718befd1381e7360aee9f0689aee6957cdb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7c31718befd1381e7360aee9f0689aee6957cdb
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to