Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3706891b by Salvatore Bonaccorso at 2023-05-30T21:46:40+02:00
Remove bookworm entries for openssl for CVEs fixed in 3.0.9-1
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12702,7 +12702,6 @@ CVE-2023-1256 (The listed versions of AVEVA Plant SCADA
and AVEVA Telemetry Serv
NOT-FOR-US: AVEVA Plant SCADA and AVEVA Telemetry Server
CVE-2023-1255 (Issue summary: The AES-XTS cipher decryption implementation for
64 bit ...)
- openssl 3.0.9-1 (bug #1034720)
- [bookworm] - openssl <postponed> (Minor issue, fix along with next
security release)
[bullseye] - openssl <not-affected> (Vulnerable code not present)
[buster] - openssl <not-affected> (Vulnerable code not present)
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=02ac9c9420275868472f33b01def01218742b8bb
@@ -22690,7 +22689,6 @@ CVE-2023-0467 (The WP Dark Mode WordPress plugin before
4.0.8 does not properly
NOT-FOR-US: WordPress plugin
CVE-2023-0466 (The function X509_VERIFY_PARAM_add0_policy() is documented to
implicit ...)
- openssl 3.0.9-1 (bug #1034720)
- [bookworm] - openssl <no-dsa> (Minor issue)
[bullseye] - openssl <no-dsa> (Minor issue)
[buster] - openssl <no-dsa> (Minor issue)
NOTE: https://www.openssl.org/news/secadv/20230328.txt
@@ -22698,7 +22696,6 @@ CVE-2023-0466 (The function
X509_VERIFY_PARAM_add0_policy() is documented to imp
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a
(OpenSSL_1_1_1-stable)
CVE-2023-0465 (Applications that use a non-default option when verifying
certificates ...)
- openssl 3.0.9-1 (bug #1034720)
- [bookworm] - openssl <no-dsa> (Minor issue)
[bullseye] - openssl <no-dsa> (Minor issue)
[buster] - openssl <no-dsa> (Minor issue)
NOTE: https://www.openssl.org/news/secadv/20230328.txt
@@ -22706,7 +22703,6 @@ CVE-2023-0465 (Applications that use a non-default
option when verifying certifi
NOTE:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b013765abfa80036dc779dd0e50602c57bb3bf95
(OpenSSL_1_1_1-stable)
CVE-2023-0464 (A security vulnerability has been identified in all supported
versions ...)
- openssl 3.0.9-1 (bug #1034720)
- [bookworm] - openssl <no-dsa> (Minor issue)
[bullseye] - openssl <no-dsa> (Minor issue)
[buster] - openssl <no-dsa> (Minor issue)
NOTE: https://www.openssl.org/news/secadv/20230322.txt
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3706891b48b8bfc66f5a1b33991e807b87fd588c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3706891b48b8bfc66f5a1b33991e807b87fd588c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
