[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Tue, 21 Feb 2023 07:20:07 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7ea4b589 by Moritz Muehlenhoff at 2023-02-21T16:18:04+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,7 +31,7 @@ CVE-2023-26255
 CVE-2023-26254
        RESERVED
 CVE-2023-26253 (In Gluster GlusterFS 11.0, there is an 
xlators/mount/fuse/src/fuse-bri ...)
-       - glusterfs <unfixed>
+       - glusterfs <unfixed> (bug #1031731)
        NOTE: https://github.com/gluster/glusterfs/issues/3954
 CVE-2023-26252
        RESERVED
@@ -146,13 +146,13 @@ CVE-2022-48332
 CVE-2022-48331
        RESERVED
 CVE-2022-48339 (An issue was discovered in GNU Emacs through 28.2. 
htmlfontify.el has  ...)
-       - emacs <unfixed>
+       - emacs <unfixed> (bug #1031730)
        NOTE: 
https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c
 CVE-2022-48338 (An issue was discovered in GNU Emacs through 28.2. In 
ruby-mode.el, th ...)
-       - emacs <unfixed>
+       - emacs <unfixed> (bug #1031730)
        NOTE: 
https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c
 CVE-2022-48337 (GNU Emacs through 28.2 allows attackers to execute commands 
via shell  ...)
-       - emacs <unfixed>
+       - emacs <unfixed> (bug #1031730)
        NOTE: 
https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c
 CVE-2023-26213
        RESERVED
@@ -433,7 +433,7 @@ CVE-2023-26083
 CVE-2023-26082
        RESERVED
 CVE-2023-26081 (In Epiphany (aka GNOME Web) through 43.0, untrusted web 
content can tr ...)
-       - epiphany-browser <unfixed>
+       - epiphany-browser <unfixed> (bug #1031727)
        NOTE: https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275
        NOTE: 
https://gitlab.gnome.org/GNOME/epiphany/-/commit/53363c3c8178bf9193dad9fa3516f4e10cff0ffd
 CVE-2023-26080
@@ -527,7 +527,7 @@ CVE-2023-0913 (A vulnerability classified as critical was 
found in SourceCodeste
 CVE-2023-0912 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
        NOT-FOR-US: SourceCodester Auto Dealer Management System
 CVE-2019-25104 (A vulnerability has been found in rtcwcoop 1.0.2 and 
classified as pro ...)
-       - iortcw <unfixed>
+       - iortcw <unfixed> (bug #1031732)
        NOTE: https://github.com/rtcwcoop/rtcwcoop/pull/45
        NOTE: Reported against a version based on iortcw, but seems missing in 
iortcw
 CVE-2016-15026 (A vulnerability was found in 3breadt dd-plist 1.17 and 
classified as p ...)
@@ -3622,7 +3622,7 @@ CVE-2023-25000
 CVE-2023-24999
        RESERVED
 CVE-2023-24998 (Apache Commons FileUpload before 1.5 does not limit the number 
of requ ...)
-       - libcommons-fileupload-java <unfixed>
+       - libcommons-fileupload-java <unfixed> (bug #1031733)
        [bullseye] - libcommons-fileupload-java <no-dsa> (Minor issue)
        NOTE: 
https://github.com/apache/commons-fileupload/commit/e20c04990f7420ca917e96a84cec58b13a1b3d17
        NOTE: https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy
@@ -5053,8 +5053,8 @@ CVE-2023-0484
 CVE-2023-0483
        RESERVED
 CVE-2023-0482 (In RESTEasy the insecure File.createTempFile() is used in the 
DataSour ...)
-       - resteasy <unfixed>
-       - resteasy3.0 <unfixed>
+       - resteasy <unfixed> (bug #1031728)
+       - resteasy3.0 <unfixed> (bug #1031729)
        [bullseye] - resteasy3.0 <no-dsa> (Minor issue)
        [buster] - resteasy3.0 <no-dsa> (Minor issue)
        NOTE: https://github.com/resteasy/resteasy/pull/3409/
@@ -75797,13 +75797,13 @@ CVE-2022-26892
 CVE-2022-26891 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability.  ...)
        NOT-FOR-US: Microsoft
 CVE-2022-26061 (A heap-based buffer overflow vulnerability exists in the 
gif2h5 functi ...)
-       - hdf5 <unfixed>
+       - hdf5 <unfixed> (bug #1031726)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487
 CVE-2022-25972 (An out-of-bounds write vulnerability exists in the gif2h5 
functionalit ...)
-       - hdf5 <unfixed>
+       - hdf5 <unfixed> (bug #1031726)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485
 CVE-2022-25942 (An out-of-bounds read vulnerability exists in the gif2h5 
functionality ...)
-       - hdf5 <unfixed>
+       - hdf5 <unfixed> (bug #1031726)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486
 CVE-2022-0935 (Host Header injection in password Reset in GitHub repository 
livehelpe ...)
        NOT-FOR-US: livehelperchat



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ea4b58988b7cad5402ab0999b075811a1bb7f2d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ea4b58988b7cad5402ab0999b075811a1bb7f2d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to