[Git][security-tracker-team/security-tracker][master] new openssl issue

Moritz Muehlenhoff (@jmm) Tue, 30 May 2023 06:56:55 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
bc7e909c by Moritz Muehlenhoff at 2023-05-30T15:56:14+02:00
new openssl issue

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,8 @@
+CVE-2023-2650 [openssl Possible DoS translating ASN.1 object identifiers]
+       - openssl <unfixed>
+       NOTE: https://www.openssl.org/news/secadv/20230530.txt
+       NOTE: 
https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098
 (OpenSSL_1_1_1-stable)
+       NOTE: 
https://github.com/openssl/openssl/commit/423a2bc737a908ad0c77bda470b2b59dc879936b
 (openssl-3.0)
 CVE-2023-34205 (In Moov signedxml through 1.0.0, parsing the raw XML (as 
received) can ...)
        TODO: check
 CVE-2023-34204 (imapsync through 2.229 uses predictable paths under /tmp and 
/var/tmp  ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -39,6 +39,8 @@ openjdk-11 (jmm)
 --
 openjdk-17 (jmm)
 --
+openssl
+--
 owslib
 --
 php-cas



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc7e909c5e89bf1ab225b8c8b382748a549ffa18

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc7e909c5e89bf1ab225b8c8b382748a549ffa18
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new openssl issue

Reply via email to