Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dfe1d372 by Salvatore Bonaccorso at 2023-07-04T17:23:00+02:00
Record necessary commit for CVE-2023-3428
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -512,8 +512,9 @@ CVE-2023-3436 (Xpdf 4.04 will deadlock on a PDF object
stream whose "Length" fie
TODO: check
CVE-2023-3428 [heap-buffer-overflow in coders/tiff.c]
- imagemagick <unfixed>
- NOTE:
https://github.com/ImageMagick/ImageMagick/commit/a531d28e31309676ce8168c3b6dbbb5374b78790
- NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/0d00400727170b0540a355a1bc52787bc7bcdea5
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/a531d28e31309676ce8168c3b6dbbb5374b78790
+ NOTE: Prerequisite:
https://github.com/ImageMagick/ImageMagick6/commit/2b4eabb9d09b278f16727c635e928bd951c58773
+ NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/0d00400727170b0540a355a1bc52787bc7bcdea5
CVE-2023-3427 (The Salon Booking System plugin for WordPress is vulnerable to
Cross-S ...)
NOT-FOR-US: Salon Booking System plugin for WordPress
CVE-2023-3407 (The Subscribe2 plugin for WordPress is vulnerable to Cross-Site
Reques ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfe1d3729b1d2937c6a2e6245c17a072f33901c7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfe1d3729b1d2937c6a2e6245c17a072f33901c7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
