Ben Hutchings pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd21b526 by Ben Hutchings at 2023-04-24T00:39:48+02:00
Fill in details of the CVE IDs assigned for sgt-puzzles
7 CVE IDs have been assigned, but not published, for issues covered by
Debian bug #1028986. Use my own summaries for these.
No CVE IDs were requested for the issues covered by Debian
bug #1034190.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19774,24 +19774,38 @@ CVE-2023-24293
RESERVED
CVE-2023-24292
RESERVED
-CVE-2023-24291
- RESERVED
+CVE-2023-24291 (A crafted save file can cause a buffer overrun in Simon
Tatham's Portable Puzzle Collection)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
+ [buster] - sgt-puzzles <no-dsa> (Minor issue)
CVE-2023-24290
RESERVED
CVE-2023-24289
RESERVED
-CVE-2023-24288
- RESERVED
-CVE-2023-24287
- RESERVED
-CVE-2023-24286
- RESERVED
-CVE-2023-24285
- RESERVED
-CVE-2023-24284
- RESERVED
-CVE-2023-24283
- RESERVED
+CVE-2023-24288 (A crafted save file can cause a buffer overrun in Simon
Tatham's Portable Puzzle Collection)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
+ [buster] - sgt-puzzles <no-dsa> (Minor issue)
+CVE-2023-24287 (A crafted save file can cause a buffer overrun in the Undead
puzzle)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
+ [buster] - sgt-puzzles <no-dsa> (Minor issue)
+CVE-2023-24286 (A crafted save file can cause a buffer overrun in the Mosaic
puzzle)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <not-affected> (Vulnerable code introduced
later)
+ [buster] - sgt-puzzles <not-affected> (Vulnerable code introduced later)
+CVE-2023-24285 (A crafted save file can cause a buffer overrun in the Netslide
puzzle)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
+ [buster] - sgt-puzzles <no-dsa> (Minor issue)
+CVE-2023-24284 (A crafted save file can cause a buffer overrun in the Guess
puzzle)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
+ [buster] - sgt-puzzles <no-dsa> (Minor issue)
+CVE-2023-24283 (A crafted save file can cause a buffer overrun in the Guess
puzzle)
+ - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
+ [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
+ [buster] - sgt-puzzles <no-dsa> (Minor issue)
CVE-2023-24282 (An arbitrary file upload vulnerability in Poly Trio 8800
7.2.2.1094 al ...)
NOT-FOR-US: Poly Trio 8800
CVE-2023-24281
@@ -21761,15 +21775,6 @@ CVE-2023-0307 (Weak Password Requirements in GitHub
repository thorsten/phpmyfaq
NOT-FOR-US: phpmyfaq
CVE-2023-0306 (Cross-site Scripting (XSS) - Stored in GitHub repository
thorsten/phpm ...)
NOT-FOR-US: phpmyfaq
-CVE-2023-XXXX [More security bugs in game loading]
- [experimental] - sgt-puzzles 20230410.71cf891-1
- - sgt-puzzles 20230122.806ae71-2 (bug #1034190)
- [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
- [buster] - sgt-puzzles <no-dsa> (Minor issue)
-CVE-2023-XXXX [Multiple integer overflow and buffer overflow issues in game
loading]
- - sgt-puzzles 20230122.806ae71-1 (bug #1028986)
- [bullseye] - sgt-puzzles <no-dsa> (Minor issue)
- [buster] - sgt-puzzles <no-dsa> (Minor issue)
CVE-2023-0305 (A vulnerability classified as critical was found in
SourceCodester Onl ...)
NOT-FOR-US: SourceCodester Online Food Ordering System
CVE-2023-0304 (A vulnerability classified as critical has been found in
SourceCodeste ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd21b526efa1d9023cdaf587f5f41123f8e2e1a6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd21b526efa1d9023cdaf587f5f41123f8e2e1a6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
