[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Fri, 10 Mar 2023 11:18:32 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a9780b83 by Moritz Muehlenhoff at 2023-03-10T20:17:49+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2580,28 +2580,28 @@ CVE-2023-27121
 CVE-2023-27120
        RESERVED
 CVE-2023-27119 (WebAssembly v1.0.29 was discovered to contain a segmentation 
fault via ...)
-       - wabt <unfixed> (unimportant)
+       - wabt <unfixed> (unimportant; bug #1032669)
        NOTE: Crash in CLI tool, no security impact
        NOTE: https://github.com/WebAssembly/wabt/issues/1990
 CVE-2023-27118
        RESERVED
 CVE-2023-27117 (WebAssembly v1.0.29 was discovered to contain a heap overflow 
via the  ...)
-       - wabt <unfixed> (unimportant)
+       - wabt <unfixed> (unimportant; bug #1032669)
        NOTE: Crash in CLI tool, no security impact
        NOTE: https://github.com/WebAssembly/wabt/issues/1989
 CVE-2023-27116 (WebAssembly v1.0.29 discovered to contain an abort in 
CWriter::MangleT ...)
-       - wabt <unfixed> (unimportant)
+       - wabt <unfixed> (unimportant; bug #1032669)
        NOTE: Crash in CLI tool, no security impact
        NOTE: https://github.com/WebAssembly/wabt/issues/1984
        NOTE: https://github.com/WebAssembly/wabt/pull/2119
        NOTE: 
https://github.com/WebAssembly/wabt/commit/8a7b7497bdf78f9099f8d5a3a2c9bde87ddd52da
 CVE-2023-27115 (WebAssembly v1.0.29 was discovered to contain a segmentation 
fault via ...)
-       - wabt <unfixed> (unimportant)
+       - wabt <unfixed> (unimportant; bug #1032669)
        NOTE: Crash in CLI tool, no security impact
        NOTE: https://github.com/WebAssembly/wabt/issues/1938
        NOTE: https://github.com/WebAssembly/wabt/issues/1992
 CVE-2023-27114 (radare2 v5.8.3 was discovered to contain a segmentation fault 
via the  ...)
-       - radare2 <unfixed>
+       - radare2 <unfixed> (bug #1032667)
        NOTE: https://github.com/radareorg/radare2/issues/21363
        NOTE: 
https://github.com/radareorg/radare2/commit/13308c9aad79f9c7a3507ce549fe270103e8ceea
 CVE-2023-27113
@@ -14154,7 +14154,7 @@ CVE-2023-0198
 CVE-2023-0197
        RESERVED
 CVE-2023-0196 (NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a 
local use ...)
-       - nvidia-cuda-toolkit <unfixed>
+       - nvidia-cuda-toolkit <unfixed> (bug #1032668)
        [bullseye] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5446
 CVE-2023-0195
@@ -14163,7 +14163,7 @@ CVE-2023-0194
        RESERVED
 CVE-2023-0193
        RESERVED
-       - nvidia-cuda-toolkit <unfixed>
+       - nvidia-cuda-toolkit <unfixed> (bug #1032668)
        [bullseye] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5446
 CVE-2023-0192
@@ -126309,7 +126309,7 @@ CVE-2021-36491
 CVE-2021-36490
        RESERVED
 CVE-2021-36489 (Buffer Overflow vulnerability in Allegro through 5.2.6 allows 
attacker ...)
-       - allegro4.4 <unfixed>
+       - allegro4.4 <unfixed> (bug #1032670)
        - allegro5 2:5.2.8.0+dfsg-1
        [bullseye] - allegro5 <no-dsa> (Minor issue)
        NOTE: https://github.com/liballeg/allegro5/issues/1251
@@ -133889,7 +133889,7 @@ CVE-2021-33393 (lfs/backup in IPFire 2.25-core155 
does not ensure that /var/ipfi
 CVE-2021-33392
        RESERVED
 CVE-2021-33391 (An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute 
arbitra ...)
-       - tidy-html5 <unfixed>
+       - tidy-html5 <unfixed> (bug #1032665)
        [bullseye] - tidy-html5 <no-dsa> (Minor issue)
        NOTE: https://github.com/htacg/tidy-html5/issues/946
        NOTE: 
https://github.com/htacg/tidy-html5/commit/efa61528aa500a1efbd2768121820742d3bb709b
@@ -133940,7 +133940,7 @@ CVE-2021-33369
 CVE-2021-33368
        RESERVED
 CVE-2021-33367 (Buffer Overflow vulnerability in Freeimage v3.18.0 allows 
attacker to  ...)
-       - freeimage <unfixed>
+       - freeimage <unfixed> (bug #1032666)
        [bookworm] - freeimage <no-dsa> (Minor issue)
        [bullseye] - freeimage <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/freeimage/discussion/36109/thread/1a4db03d58/
@@ -135336,7 +135336,7 @@ CVE-2021-32823 (In the bindata RubyGem before version 
2.4.10 there is a potentia
 CVE-2021-32822 (The npm hbs package is an Express view engine wrapper for 
Handlebars.  ...)
        NOT-FOR-US: Node hbs
 CVE-2021-32821 (MooTools is a collection of JavaScript utilities for 
JavaScript develo ...)
-       - mootols <unfixed>
+       - mootols <unfixed> (bug #1032664)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2020-345-redos-mootools/
 CVE-2021-32820 (Express-handlebars is a Handlebars view engine for Express. 
Express-ha ...)
        NOT-FOR-US: Express-handlebars



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9780b83ea9b7efd0b49126113d4fff16484f0f4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9780b83ea9b7efd0b49126113d4fff16484f0f4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to