Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8d0aee7a by Moritz Muehlenhoff at 2023-05-30T20:02:11+02:00
openssl fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2023-2650 [openssl Possible DoS translating ASN.1 object identifiers]
- - openssl <unfixed>
+ - openssl 3.0.9-1
NOTE: https://www.openssl.org/news/secadv/20230530.txt
NOTE:
https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098
(OpenSSL_1_1_1u)
NOTE:
https://github.com/openssl/openssl/commit/423a2bc737a908ad0c77bda470b2b59dc879936b
(openssl-3.0.9)
@@ -12701,7 +12701,7 @@ CVE-2023-1257 (An attacker with physical access to the
affected Moxa UC Series d
CVE-2023-1256 (The listed versions of AVEVA Plant SCADA and AVEVA Telemetry
Server ar ...)
NOT-FOR-US: AVEVA Plant SCADA and AVEVA Telemetry Server
CVE-2023-1255 (Issue summary: The AES-XTS cipher decryption implementation for
64 bit ...)
- - openssl <unfixed> (bug #1034720)
+ - openssl 3.0.9-1 (bug #1034720)
[bookworm] - openssl <postponed> (Minor issue, fix along with next
security release)
[bullseye] - openssl <not-affected> (Vulnerable code not present)
[buster] - openssl <not-affected> (Vulnerable code not present)
@@ -22689,7 +22689,7 @@ CVE-2023-0468 (A use-after-free flaw was found in
io_uring/poll.c in io_poll_che
CVE-2023-0467 (The WP Dark Mode WordPress plugin before 4.0.8 does not
properly sanit ...)
NOT-FOR-US: WordPress plugin
CVE-2023-0466 (The function X509_VERIFY_PARAM_add0_policy() is documented to
implicit ...)
- - openssl <unfixed> (bug #1034720)
+ - openssl 3.0.9-1 (bug #1034720)
[bookworm] - openssl <no-dsa> (Minor issue)
[bullseye] - openssl <no-dsa> (Minor issue)
[buster] - openssl <no-dsa> (Minor issue)
@@ -22697,7 +22697,7 @@ CVE-2023-0466 (The function
X509_VERIFY_PARAM_add0_policy() is documented to imp
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=51e8a84ce742db0f6c70510d0159dad8f7825908
(openssl-3.0)
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a
(OpenSSL_1_1_1-stable)
CVE-2023-0465 (Applications that use a non-default option when verifying
certificates ...)
- - openssl <unfixed> (bug #1034720)
+ - openssl 3.0.9-1 (bug #1034720)
[bookworm] - openssl <no-dsa> (Minor issue)
[bullseye] - openssl <no-dsa> (Minor issue)
[buster] - openssl <no-dsa> (Minor issue)
@@ -22705,7 +22705,7 @@ CVE-2023-0465 (Applications that use a non-default
option when verifying certifi
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
(openssl-3.0)
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b013765abfa80036dc779dd0e50602c57bb3bf95
(OpenSSL_1_1_1-stable)
CVE-2023-0464 (A security vulnerability has been identified in all supported
versions ...)
- - openssl <unfixed> (bug #1034720)
+ - openssl 3.0.9-1 (bug #1034720)
[bookworm] - openssl <no-dsa> (Minor issue)
[bullseye] - openssl <no-dsa> (Minor issue)
[buster] - openssl <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d0aee7a443e2cdc15a5f55dca8a37f1b1e10d72
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d0aee7a443e2cdc15a5f55dca8a37f1b1e10d72
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
