Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e3f9c293 by Moritz Mühlenhoff at 2023-08-01T23:45:18+02:00
openssl fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -141,7 +141,7 @@ CVE-2023-3997 (Splunk SOAR versions 6.0.2 and earlier are
indirectly affected by
CVE-2023-3983 (An authenticated SQL injection vulnerability exists in
Advantech iView ...)
NOT-FOR-US: Advantech iView
CVE-2023-3817 (Issue summary: Checking excessively long DH keys or parameters
may be ...)
- - openssl <unfixed>
+ - openssl 3.0.10-1
[bookworm] - openssl <postponed> (Minor issue, fix along with future
DSA)
[bullseye] - openssl <postponed> (Minor issue, fix along with future
DSA)
NOTE: https://www.openssl.org/news/secadv/20230731.txt
@@ -1299,7 +1299,7 @@ CVE-2023-3745 (A heap-based buffer overflow issue was
found in ImageMagick's Pus
NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73
(6.9.11-0)
NOTE:
https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b
(6.9.11-0)
CVE-2023-3446 (Issue summary: Checking excessively long DH keys or parameters
may be ...)
- - openssl <unfixed> (bug #1041817)
+ - openssl 3.0.10-1 (bug #1041817)
[bookworm] - openssl <postponed> (Minor issue, fix along with future
DSA)
[bullseye] - openssl <postponed> (Minor issue, fix along with future
DSA)
NOTE: https://www.openssl.org/news/secadv/20230719.txt
@@ -1867,7 +1867,7 @@ CVE-2023-32760 (An issue in Archer Platform before v.6.13
fixed in v.6.12.0.6 an
CVE-2023-32759 (An issue in Archer Platform before v.6.13 and fixed in
6.12.0.6 and 6. ...)
NOT-FOR-US: Archer
CVE-2023-2975 (Issue summary: The AES-SIV cipher implementation contains a bug
that c ...)
- - openssl <unfixed> (bug #1041818)
+ - openssl 3.0.10-1 (bug #1041818)
[bookworm] - openssl <postponed> (Minor issue, fix along with future
DSA)
[bullseye] - openssl <not-affected> (Vulnerable code not present, only
affects 3.x)
[buster] - openssl <not-affected> (Vulnerable code not present, only
affects 3.x)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3f9c293db56949fa1d8129b7e9d9c2347fa38a6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3f9c293db56949fa1d8129b7e9d9c2347fa38a6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
