Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7c04442c by Moritz Muehlenhoff at 2023-04-10T19:53:01+02:00
bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5852,6 +5852,7 @@ CVE-2023-28339 (OpenDoas through 6.8.2, when TIOCSTI is
available, allows privil
- doas <removed>
[bullseye] - doas <no-dsa> (Minor issue)
- opendoas <unfixed> (bug #1034185)
+ [bookworm] - opendoas <ignored> (Minor issue, will be addressed via
kernel change which isn't in 6.1 yet)
NOTE: https://github.com/Duncaen/OpenDoas/issues/106
NOTE: https://www.openwall.com/lists/oss-security/2023/03/14/4
NOTE: Restricting ioctl on the kernel side seems the better approach,
patches have been
@@ -66389,7 +66390,6 @@ CVE-2022-2211 (A vulnerability was found in libguestfs.
This issue occurs while
[bullseye] - libguestfs <no-dsa> (Minor issue)
[buster] - libguestfs <no-dsa> (Minor issue)
- guestfs-tools 1.48.3-4 (bug #1014764)
- [bookworm] - guestfs-tools <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2100862
NOTE: In 1:1.46.2-1 of src:libguestfs the tools were split out to
src:guestfs-tools, marking that as fixed version
NOTE:
https://listman.redhat.com/archives/libguestfs/2022-June/029274.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c04442cf2acead3b42fca985065690d3cafac99
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c04442cf2acead3b42fca985065690d3cafac99
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
