[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage

Sun, 28 May 2023 13:46:52 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e41ae35a by Moritz Mühlenhoff at 2023-05-28T22:46:28+02:00
bullseye/bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -569,6 +569,7 @@ CVE-2023-33288 (An issue was discovered in the Linux kernel 
before 6.2.9. A use-
        NOTE: 
https://git.kernel.org/linus/47c29d69212911f50bdcdd0564b5999a559010d4 (6.3-rc4)
 CVE-2023-33285 (An issue was discovered in Qt 5.x before 5.15.14, 6.x before 
6.2.9, an ...)
        - qt6-base 6.4.2+dfsg-10 (bug #1036848)
+       [bookworm] - qt6-base <no-dsa> (Minor issue)
        - qtbase-opensource-src 5.15.8+dfsg-11
        - qtbase-opensource-src-gles <unfixed>
        NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/477644
@@ -1406,6 +1407,7 @@ CVE-2023-2454 [CREATE SCHEMA ... schema_element defeats 
protective search_path c
        NOTE: 
https://www.postgresql.org/about/news/postgresql-153-148-1311-1215-and-1120-released-2637/
 CVE-2023-32668 (LuaTeX before 1.17.0 allows a document (compiled with the 
default sett ...)
        - texlive-bin <unfixed> (bug #1036470)
+       [bookworm] - texlive-bin <no-dsa> (Minor issue)
        [bullseye] - texlive-bin <no-dsa> (Minor issue)
        [buster] - texlive-bin <no-dsa> (Minor issue)
        NOTE: https://tug.org/pipermail/tex-live/2023-May/049188.html
@@ -10692,7 +10694,10 @@ CVE-2023-28448 (Versionize is a framework for version 
tolerant serializion/deser
        NOT-FOR-US: Versionize (firecracker-microvm / framework for version 
tolerant serializion/deserialization of Rust data structures)
 CVE-2023-28447 (Smarty is a template engine for PHP. In affected versions 
smarty did n ...)
        - smarty3 <unfixed> (bug #1033964)
+       [bookworm] - smarty3 <no-dsa> (Minor issue)
+       [bullseye] - smarty3 <no-dsa> (Minor issue)
        - smarty4 <unfixed> (bug #1033965)
+       [bookworm] - smarty4 <no-dsa> (Minor issue)
        NOTE: 
https://github.com/smarty-php/smarty/security/advisories/GHSA-7j98-h7fp-4vwj
        NOTE: 
https://github.com/smarty-php/smarty/commit/e75165565e9e5956a73365c24d650ba40570ae72
 (v4.3.1)
        NOTE: 
https://github.com/smarty-php/smarty/commit/7677db7bc9a1dcfcad1435fc9d3bac3f295ca3ad
 (v3.1.48)
@@ -12290,6 +12295,7 @@ CVE-2023-1290 (A vulnerability, which was classified as 
critical, has been found
        NOT-FOR-US: SourceCodester Sales Tracker Management System
 CVE-2023-1289 (A vulnerability was discovered in ImageMagick where a specially 
create ...)
        - imagemagick <unfixed> (bug #1033254)
+       [bookworm] - imagemagick <no-dsa> (Minor issue)
        [bullseye] - imagemagick <no-dsa> (Minor issue)
        [buster] - imagemagick <postponed> (Should be fixed together with some 
other CVEs)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr
@@ -14566,6 +14572,8 @@ CVE-2023-1056 (A vulnerability was found in 
SourceCodester Doctors Appointment S
        NOT-FOR-US: SourceCodester Doctors Appointment System
 CVE-2023-1055 (A flaw was found in RHDS 11 and RHDS 12. While browsing entries 
LDAP t ...)
        - 389-ds-base <unfixed> (bug #1034891)
+       [bookworm] - 389-ds-base <no-dsa> (Minor issue)
+       [bullseye] - 389-ds-base <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2173517
 CVE-2023-1054 (A vulnerability was found in SourceCodester Music Gallery Site 
1.0. It ...)
        NOT-FOR-US: SourceCodester Music Gallery Site
@@ -147394,6 +147402,7 @@ CVE-2021-33392
        RESERVED
 CVE-2021-33391 (An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute 
arbitra ...)
        - tidy-html5 <unfixed> (bug #1032665)
+       [bookworm] - tidy-html5 <no-dsa> (Minor issue)
        [bullseye] - tidy-html5 <no-dsa> (Minor issue)
        [buster] - tidy-html5 <no-dsa> (Minor issue)
        NOTE: https://github.com/htacg/tidy-html5/issues/946



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e41ae35aeddf8f8462802238f1a5833e4767375f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e41ae35aeddf8f8462802238f1a5833e4767375f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to