Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
20fade1e by Moritz Muehlenhoff at 2023-04-29T12:55:45+02:00
bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7670,6 +7670,7 @@ CVE-2023-1545 (SQL Injection in GitHub repository
nilsteampassnet/teampass prior
- teampass <itp> (bug #730180)
CVE-2023-1544 (A flaw was found in the QEMU implementation of VMWare's
paravirtual RD ...)
- qemu <unfixed> (bug #1034179)
+ [bookworm] - qemu <no-dsa> (Minor issue)
[bullseye] - qemu <no-dsa> (Minor issue)
[buster] - qemu <no-dsa> (Minor issue)
NOTE:
https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html
@@ -15172,6 +15173,8 @@ CVE-2023-26113 (Versions of the package collection.js
before 6.8.1 are vulnerabl
NOT-FOR-US: collection.js
CVE-2023-26112 (All versions of the package configobj are vulnerable to
Regular Expres ...)
- configobj <unfixed> (bug #1034152)
+ [bookworm] - configobj <no-dsa> (Minor issue)
+ [bullseye] - configobj <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-PYTHON-CONFIGOBJ-3252494
NOTE: https://github.com/DiffSK/configobj/issues/232
CVE-2023-26111 (All versions of the package @nubosoftware/node-static; all
versions of ...)
@@ -289388,6 +289391,7 @@ CVE-2019-10181 (It was found that in icedtea-web up
to and including 1.7.2 and 1
NOTE:
https://github.com/AdoptOpenJDK/IcedTea-Web/commit/528cb8163b7053576a658b9602b5694b21957b0e
(1.8)
CVE-2019-10180 (A vulnerability was found in all pki-core 10.x.x version,
where the To ...)
- dogtag-pki <unfixed> (bug #1014855)
+ [bookworm] - dogtag-pki <no-dsa> (Minor issue)
[bullseye] - dogtag-pki <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1721137
CVE-2019-10179 (A vulnerability was found in all pki-core 10.x.x versions,
where the K ...)
@@ -289397,6 +289401,7 @@ CVE-2019-10179 (A vulnerability was found in all
pki-core 10.x.x versions, where
NOTE:
https://github.com/dogtagpki/pki/commit/a93a65be0b1bcf94e004ba59c6a0c8a2c086936f
(v10.9.0)
CVE-2019-10178 (It was found that the Token Processing Service (TPS) did not
properly ...)
- dogtag-pki <unfixed> (bug #1014856)
+ [bookworm] - dogtag-pki <no-dsa> (Minor issue)
[bullseye] - dogtag-pki <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1719042
CVE-2019-10177 (A stored cross-site scripting (XSS) vulnerability was found in
the PDF ...)
@@ -391342,6 +391347,7 @@ CVE-2017-1000048 (the web framework using ljharb's qs
module older than v6.3.2,
NOT-FOR-US: ljharb
CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory
Traversal in t ...)
- rbenv <unfixed> (bug #869702)
+ [bookworm] - rbenv <no-dsa> (Minor issue)
[bullseye] - rbenv <no-dsa> (Minor issue)
[buster] - rbenv <no-dsa> (Minor issue)
[stretch] - rbenv <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20fade1e6f5d2c99111cf4c45dce171cfe9ea197
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20fade1e6f5d2c99111cf4c45dce171cfe9ea197
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
