[Git][security-tracker-team/security-tracker][master] librabbitmq CVEfied

Sat, 17 Jun 2023 02:09:46 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3f6ea3c7 by Moritz Muehlenhoff at 2023-06-17T11:09:05+02:00
librabbitmq CVEfied

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,11 @@ CVE-2023-3295 (The Unlimited Elements For Elementor (Free 
Widgets, Addons, Templ
 CVE-2023-35790 (An issue was discovered in dec_patch_dictionary.cc in libjxl 
before 0. ...)
        TODO: check
 CVE-2023-35789 (An issue was discovered in the C AMQP client library (aka 
rabbitmq-c)  ...)
-       TODO: check
+       - librabbitmq <unfixed> (bug #1037322)
+       [bookworm] - librabbitmq <no-dsa> (Minor issue)
+       [bullseye] - librabbitmq <no-dsa> (Minor issue)
+       NOTE: https://github.com/alanxz/rabbitmq-c/issues/575
+       NOTE: 
https://github.com/alanxz/rabbitmq-c/commit/463054383fbeef889b409a7f843df5365288e2a0
 CVE-2023-34459 (OpenZeppelin Contracts is a library for smart contract 
development. St ...)
        TODO: check
 CVE-2023-33438 (A stored Cross-site scripting (XSS) vulnerability in Wolters 
Kluwer Te ...)
@@ -154,12 +158,6 @@ CVE-2023-2683 (A memory leak in the EFR32 Bluetooth LE 
stack 5.1.0 through 5.1.1
 CVE-2023-XXXX [RUSTSEC-2023-0038: Out-of-bounds array access leads to panic]
        - rust-sequoia-openpgp 1.16.0-1
        NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0038.html
-CVE-2023-XXXX [amqp-tools leaks credentials to the process environment]
-       - librabbitmq <unfixed> (bug #1037322)
-       [bookworm] - librabbitmq <no-dsa> (Minor issue)
-       [bullseye] - librabbitmq <no-dsa> (Minor issue)
-       NOTE: https://github.com/alanxz/rabbitmq-c/issues/575
-       NOTE: 
https://github.com/alanxz/rabbitmq-c/commit/463054383fbeef889b409a7f843df5365288e2a0
 CVE-2023-3193 (Cross-site scripting (XSS) vulnerability in the Layout module's 
SEO co ...)
        NOT-FOR-US: Liferay
 CVE-2023-3138 [Buffer overflows in InitExt.c in libX11]



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f6ea3c77011366cf6a7826fa6e91937322b194c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f6ea3c77011366cf6a7826fa6e91937322b194c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to