[Git][security-tracker-team/security-tracker][master] bugnums

Mon, 27 Feb 2023 14:21:09 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d243c45b by Moritz Muehlenhoff at 2023-02-27T23:20:28+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1880,7 +1880,7 @@ CVE-2023-22342
 CVE-2023-22293
        RESERVED
 CVE-2023-0996 (There is a vulnerability in the strided image data parsing code 
in the ...)
-       - libheif <unfixed>
+       - libheif <unfixed> (bug #1032101)
        NOTE: https://github.com/strukturag/libheif/pull/759
        NOTE: 
https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html
 CVE-2023-0995 (Cross-site Scripting (XSS) - Stored in GitHub repository 
unilogies/bum ...)
@@ -4252,7 +4252,7 @@ CVE-2023-0779
        RESERVED
 CVE-2023-0778
        RESERVED
-       - libpod <unfixed>
+       - libpod <unfixed> (bug #1032099)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2168256
        NOTE: 
https://github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8
 CVE-2023-25678
@@ -7599,7 +7599,7 @@ CVE-2023-0477
 CVE-2023-0476 (A LDAP injection vulnerability exists in Tenable.sc due to 
improper va ...)
        NOT-FOR-US: Tenable
 CVE-2023-0475 (HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to 
decompressi ...)
-       - golang-github-hashicorp-go-getter <unfixed>
+       - golang-github-hashicorp-go-getter <unfixed> (bug #1032100)
        NOTE: 
https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
 CVE-2023-0474 (Use after free in GuestView in Google Chrome prior to 
109.0.5414.119 a ...)
        {DSA-5328-1}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d243c45b3c2fc3a660137b364f47018dc9c9719b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d243c45b3c2fc3a660137b364f47018dc9c9719b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to