[Git][security-tracker-team/security-tracker][master] Add references for c-ares issues

Mon, 22 May 2023 12:15:25 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
396903fa by Salvatore Bonaccorso at 2023-05-22T21:13:53+02:00
Add references for c-ares issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2,6 +2,7 @@ CVE-2023-32067
        [experimental] - c-ares 1.19.1-1
        - c-ares <unfixed>
        NOTE: 
https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
+       NOTE: 
https://github.com/c-ares/c-ares/commit/b9b8413cfdb70a3f99e1573333b23052d57ec1ae
 (cares-1_19_1)
 CVE-2023-33297 (Bitcoin Core before 24.1, when debug mode is not used, allows 
attacker ...)
        TODO: check
 CVE-2023-33288 (An issue was discovered in the Linux kernel before 6.2.9. A 
use-after- ...)
@@ -1839,6 +1840,7 @@ CVE-2023-31147
        [experimental] - c-ares 1.19.1-1
        - c-ares <unfixed> (unimportant)
        NOTE: 
https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2
+       NOTE: 
https://github.com/c-ares/c-ares/commit/823df3b989e59465d17b0a2eb1239a5fc048b4e5
 (cares-1_19_1)
        NOTE: Any Debian system/port provides /dev/urandom
 CVE-2023-31146 (Vyper is a Pythonic smart contract language for the Ethereum 
virtual m ...)
        NOT-FOR-US: Vyper
@@ -1879,6 +1881,7 @@ CVE-2023-31130
        [experimental] - c-ares 1.19.1-1
        - c-ares <unfixed>
        NOTE: 
https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v
+       NOTE: 
https://github.com/c-ares/c-ares/commit/f22cc01039b6473b736d3bf438f56a2654cdf2b2
 (cares-1_19_1)
 CVE-2023-31129 (The Contiki-NG operating system versions 4.8 and prior can be 
triggere ...)
        NOT-FOR-US: Contiki-NG
 CVE-2023-31128
@@ -1894,6 +1897,7 @@ CVE-2023-31124
        [experimental] - c-ares 1.19.1-1
        - c-ares <unfixed> (unimportant)
        NOTE: 
https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4
+       NOTE: 
https://github.com/c-ares/c-ares/commit/c4930223e51d0e3dbfd8b2a814f4be2e269e2a9d
 (cares-1_19_1)
        NOTE: No impact on binaries shipped by Debian
 CVE-2023-31123 (`effectindex/tripreporter` is a community-powered, universal 
platform  ...)
        NOT-FOR-US: effectindex/tripreporter



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/396903fae2d4f4c3092fa53b59de37f992c2cf55

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/396903fae2d4f4c3092fa53b59de37f992c2cf55
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to