Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8c06fed2 by Moritz Muehlenhoff at 2023-05-02T15:08:27+02:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -24,6 +24,7 @@ CVE-2023-2428 (Cross-site Scripting (XSS) - Stored in GitHub
repository thorsten
NOT-FOR-US: phpmyfaq
CVE-2023-2426 (Use of Out-of-range Pointer Offset in GitHub repository vim/vim
prior ...)
- vim <unfixed> (bug #1035323)
+ [bullseye] - vim <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/3451be4c-91c8-4d08-926b-cbff7396f425
NOTE:
https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b
(v9.0.1499)
CVE-2023-31485 (GitLab::API::v4 through 0.26 does not verify TLS certificates
when con ...)
@@ -17161,6 +17162,7 @@ CVE-2023-25568
RESERVED
CVE-2023-25567 (GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that
implements ...)
- gss-ntlmssp 1.2.0-1 (bug #1031369)
+ [bullseye] - gss-ntlmssp <no-dsa> (Minor issue)
NOTE:
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-24pf-6prf-24ch
NOTE:
https://github.com/gssapi/gss-ntlmssp/commit/025fbb756d44ffee8f847db4222ed6aa4bd1fbe4
(v1.2.0)
CVE-2023-25566 (GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that
implement ...)
@@ -17171,6 +17173,7 @@ CVE-2023-25566 (GSS-NTLMSSP is a mechglue plugin for
the GSSAPI library that imp
NOTE:
https://github.com/gssapi/gss-ntlmssp/commit/8660fb16474054e692a596e9c79670cd4d3954f4
(v1.2.0)
CVE-2023-25565 (GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that
implement ...)
- gss-ntlmssp 1.2.0-1 (bug #1031369)
+ [bullseye] - gss-ntlmssp <no-dsa> (Minor issue)
NOTE:
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-7q7f-wqcg-mvfg
NOTE:
https://github.com/gssapi/gss-ntlmssp/commit/c16100f60907a2de92bcb676f303b81facee0f64
(v1.2.0)
CVE-2023-25564 (GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that
implement ...)
@@ -17181,6 +17184,7 @@ CVE-2023-25564 (GSS-NTLMSSP is a mechglue plugin for
the GSSAPI library that imp
NOTE:
https://github.com/gssapi/gss-ntlmssp/commit/c753000eb31835c0664e528fbc99378ae0cbe950
(v1.2.0)
CVE-2023-25563 (GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that
implement ...)
- gss-ntlmssp 1.2.0-1 (bug #1031369)
+ [bullseye] - gss-ntlmssp <no-dsa> (Minor issue)
NOTE:
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-jjjx-5qf7-9mgf
NOTE:
https://github.com/gssapi/gss-ntlmssp/commit/97c62c6167299028d80765080e74d91dfc99efbd
(v1.2.0)
CVE-2023-25562 (DataHub is an open-source metadata platform. In versions of
DataHub pr ...)
@@ -109485,6 +109489,7 @@ CVE-2021-45424
RESERVED
CVE-2021-45423 (A Buffer Overflow vulnerabilityexists in Pev 0.81 via the
pe_exports f ...)
- pev 0.81-9 (bug #1034725)
+ [bullseye] - pev <no-dsa> (Minor issue, will be fixed in next point
release)
NOTE: https://github.com/merces/libpe/issues/35
NOTE:
https://github.com/merces/libpe/commit/9b5fedc37ccbcd23695a0e97c0fe46c999e26100
NOTE:
https://github.com/merces/libpe/commit/8960f7d710c4d1a43badd2bbf273721248b864f8
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c06fed2b2418e78d802836a1be87d85438b0b61
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c06fed2b2418e78d802836a1be87d85438b0b61
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
