[Git][security-tracker-team/security-tracker][master] Update CVE-2023-1428 for all suites

Wed, 26 Jul 2023 13:18:30 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3a76c616 by Salvatore Bonaccorso at 2023-07-26T22:16:32+02:00
Update CVE-2023-1428 for all suites

LTS triage by Sylvain Beucler confirmed the introductory commit to be in
1.52.0-pre1, and no Debian version contains yet the vulnerable code.
Update the entry following the pinpointing of the issue.

Thanks: Sylvain Beucler for researching the intorducing commit.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17826,11 +17826,8 @@ CVE-2023-1430 (The FluentCRM - Marketing Automation 
For WordPress  plugin for Wo
 CVE-2023-1429 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
pimcore/pi ...)
        NOT-FOR-US: pimcore
 CVE-2023-1428 (There exists an vulnerability causing an abort() to be called 
in gRPC. ...)
-       - grpc <unfixed>
-       [bookworm] - grpc <no-dsa> (Minor issue)
-       [bullseye] - grpc <no-dsa> (Minor issue)
-       [buster] - grpc <not-affected> (Vulnerable maxsize handler introduced 
later)
-       NOTE: 
https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8 
(v1.54.0-pre1)
+       - grpc <not-affected> (Vulnerable maxsize handler introduced later)
+       NOTE: Fixed by: 
https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8 
(v1.54.0-pre1)
        NOTE: Introduced by: 
https://github.com/grpc/grpc/commit/b2b70515583fe18e36c7e70b265808fa3154f734 
(v1.52.0-pre1)
 CVE-2023-1427 (- The Photo Gallery by 10Web WordPress plugin before 1.8.15 did 
not en ...)
        NOT-FOR-US: WordPress plugin



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a76c616ff1834e86592a9811ef93317fae1ec74

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a76c616ff1834e86592a9811ef93317fae1ec74
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to