Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 27bba13b by Salvatore Bonaccorso at 2023-06-14T18:55:17+02:00 CVE-2023-3247 assigned for recent PHP issue Link: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes: ===================================== data/CVE/list ===================================== @@ -22433,11 +22433,9 @@ CVE-2023-25141 (Apache Sling JCR Base < 3.1.12 has a critical injection vulnerab NOT-FOR-US: Apache sling-org-apache-sling-jcr-base CVE-2023-25140 (A vulnerability has been identified in Parasolid V34.0 (All versions < ...) NOT-FOR-US: Siemens -CVE-2023-XXXX [GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP] +CVE-2023-3247 [GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP] - php8.2 8.2.7-1 - [bookworm] - php8.2 8.2.7-1~deb12u1 - php7.4 <removed> - [bullseye] - php7.4 7.4.33-1+deb11u4 NOTE: Fixed in 8.2.7, 8.1.20, 8.0.29 NOTE: https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw NOTE: https://github.com/php/php-src/commit/ac4254ad764c70cb1f05c9270d8d12689fc3aeb6 (php-8.0.29) ===================================== data/DSA/list ===================================== @@ -2,8 +2,10 @@ {CVE-2023-27476} [bullseye] - owslib 0.23.0-1+deb11u1 [13 Jun 2023] DSA-5425-1 php8.2 - security update + {CVE-2023-3247} [bookworm] - php8.2 8.2.7-1~deb12u1 [13 Jun 2023] DSA-5424-1 php7.4 - security update + {CVE-2023-3247} [bullseye] - php7.4 7.4.33-1+deb11u4 [11 Jun 2023] DSA-5423-1 thunderbird - security update {CVE-2023-34414 CVE-2023-34416} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27bba13be044554a65fb8af4a0812c9057899565 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27bba13be044554a65fb8af4a0812c9057899565 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
