Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a770fae by Salvatore Bonaccorso at 2023-06-16T20:36:54+02:00
Pinpoint upstream tag references for trafficserver issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -291,8 +291,8 @@ CVE-2023-33933 (Exposure of Sensitive Information to an
Unauthorized Actor vulne
- trafficserver <unfixed>
NOTE: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
NOTE:
https://github.com/apache/trafficserver/commit/867c48c1adf9e795c8d85c48d2d0f07f08aa87ec
(master)
- NOTE:
https://github.com/apache/trafficserver/commit/726a79cb2f70fcbe0e2139aab3fe56930d3d8c27
(9.2.x)
- NOTE:
https://github.com/apache/trafficserver/commit/496fa2c4cbdf2b3d6c61760a3fb6675b74b549f0
(8.1.x)
+ NOTE:
https://github.com/apache/trafficserver/commit/726a79cb2f70fcbe0e2139aab3fe56930d3d8c27
(9.2.1-rc0)
+ NOTE:
https://github.com/apache/trafficserver/commit/496fa2c4cbdf2b3d6c61760a3fb6675b74b549f0
(8.1.7)
CVE-2023-33817 (hoteldruid v3.0.5 was discovered to contain a SQL injection
vulnerabil ...)
- hoteldruid <unfixed>
[bookworm] - hoteldruid <no-dsa> (Minor issue)
@@ -6217,8 +6217,8 @@ CVE-2023-30631 (Improper Input Validation vulnerability
in Apache Software Found
- trafficserver <unfixed>
NOTE: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
NOTE:
https://github.com/apache/trafficserver/commit/8d1ad1dfe4d0ee179029f37c7e8d4caab601cb7b
(master)
- NOTE:
https://github.com/apache/trafficserver/commit/ee46128fc7099956145be2147e4ddad7fbc7299b
(9.2.x)
- NOTE:
https://github.com/apache/trafficserver/commit/35dd3efde78a73aefa257e12b8fe78d6cd646ba0
(8.1.x)
+ NOTE:
https://github.com/apache/trafficserver/commit/ee46128fc7099956145be2147e4ddad7fbc7299b
(9.2.1-rc0)
+ NOTE:
https://github.com/apache/trafficserver/commit/35dd3efde78a73aefa257e12b8fe78d6cd646ba0
(8.1.7)
CVE-2023-30630 (Dmidecode before 3.5 allows -dump-bin to overwrite a local
file. This ...)
- dmidecode 3.5-1 (bug #1034483)
[bookworm] - dmidecode <no-dsa> (Minor issue)
@@ -36180,8 +36180,8 @@ CVE-2022-47184 (Exposure of Sensitive Information to an
Unauthorized Actor vulne
- trafficserver <unfixed>
NOTE: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
NOTE:
https://github.com/apache/trafficserver/commit/105af3ca30e59fbb89013e83a484a04559b4cf25
(master)
- NOTE:
https://github.com/apache/trafficserver/commit/c371b7b21a7e774f852af86b85c87d5d877a14bd
(9.2.x)
- NOTE:
https://github.com/apache/trafficserver/commit/b49ae063632b1f40b9bd45aa66524924e2c26600
(8.1.x)
+ NOTE:
https://github.com/apache/trafficserver/commit/c371b7b21a7e774f852af86b85c87d5d877a14bd
(9.2.1-rc0)
+ NOTE:
https://github.com/apache/trafficserver/commit/b49ae063632b1f40b9bd45aa66524924e2c26600
(8.1.7)
CVE-2022-47183 (Cross-Site Request Forgery (CSRF) vulnerability in StylistWP
Extra Blo ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47182
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a770fae1bcd3fd0ade7b3752d017c121fe2ef53
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a770fae1bcd3fd0ade7b3752d017c121fe2ef53
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
