[Git][security-tracker-team/security-tracker][master] Add two new issues for node-undici

Salvatore Bonaccorso (@carnil) Thu, 16 Feb 2023 12:33:17 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9bad544a by Salvatore Bonaccorso at 2023-02-16T21:31:50+01:00
Add two new issues for node-undici

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3186,7 +3186,9 @@ CVE-2023-24809
 CVE-2023-24808 (PDFio is a C library for reading and writing PDF files. In 
versions pr ...)
        TODO: check, might affect src:ippsample
 CVE-2023-24807 (Undici is an HTTP/1.1 client for Node.js. Prior to version 
5.19.1, the ...)
-       TODO: check
+       - node-undici <unfixed>
+       NOTE: 
https://github.com/nodejs/undici/security/advisories/GHSA-r6ch-mqf9-qc9w
+       NOTE: 
https://github.com/nodejs/undici/commit/f2324e549943f0b0937b09fb1c0c16cc7c93abdf
 (v5.19.1)
 CVE-2023-24806
        REJECTED
 CVE-2023-24805
@@ -5500,7 +5502,9 @@ CVE-2023-23938
 CVE-2023-23937 (Pimcore is an Open Source Data &amp; Experience Management 
Platform: P ...)
        NOT-FOR-US: Pimcore
 CVE-2023-23936 (Undici is an HTTP/1.1 client for Node.js. Starting with 
version 2.0.0  ...)
-       TODO: check
+       - node-undici <unfixed>
+       NOTE: 
https://github.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff
+       NOTE: 
https://github.com/nodejs/undici/commit/a2eff05401358f6595138df963837c24348f2034
 (v5.19.1)
 CVE-2023-23935
        RESERVED
 CVE-2023-23934 (Werkzeug is a comprehensive WSGI web application library. 
Browsers may ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bad544ac92715f15d200b59a56fb7f5ba983747

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bad544ac92715f15d200b59a56fb7f5ba983747
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add two new issues for node-undici

Reply via email to