Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cd118f1f by Salvatore Bonaccorso at 2023-08-31T22:55:28+02:00
Track fixed version for linux issues fixed via unstable
For CVE-2023-20588 the version is bumped to 6.4.13-1 to conver the
correct fix in a followup.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -633,14 +633,14 @@ CVE-2023-34724 (An issue was discovered in TECHView
LA5570 Wireless Gateway 1.0.
CVE-2023-32457 (Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an
improper ...)
NOT-FOR-US: Dell
CVE-2023-4569 (A memory leak flaw was found in nft_set_catchall_flush in
net/netfilte ...)
- - linux <unfixed>
+ - linux 6.4.13-1
NOTE:
https://git.kernel.org/linus/90e5b3462efa37b8bba82d7c4e63683856e188af (6.5-rc7)
CVE-2023-4567
- ansible <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2235369
TODO: check, no upstream information provided in RHBZ#2235369
CVE-2023-4563 [Use-after-free in nft_verdict_dump due to a race between set GC
and transaction]
- - linux <unfixed>
+ - linux 6.4.13-1
NOTE:
https://lore.kernel.org/netdev/[email protected]/
NOTE: https://lore.kernel.org/netdev/[email protected]/
CVE-2023-41109 (SmartNode SN200 (aka SN200) 3.21.2-23021 allows
unauthenticated OS Com ...)
@@ -5048,11 +5048,11 @@ CVE-2023-2640 (On Ubuntu kernels carrying both
c914c0e27eb0 and "UBUNTU: SAUCE:
CVE-2023-2626 (There exists an authentication bypass vulnerability in
OpenThread bord ...)
NOT-FOR-US: OpenThread
CVE-2023-3773 (A flaw was found in the Linux kernel\u2019s IP framework for
transform ...)
- - linux <unfixed>
+ - linux 6.4.13-1
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://lore.kernel.org/all/[email protected]/T/#u
CVE-2023-3772 (A flaw was found in the Linux kernel\u2019s IP framework for
transform ...)
- - linux <unfixed>
+ - linux 6.4.13-1
NOTE:
https://lore.kernel.org/netdev/[email protected]/
NOTE: https://www.openwall.com/lists/oss-security/2023/08/10/1
CVE-2023-37895 (Java object deserialization issue in Jackrabbit
webapp/standalone on a ...)
@@ -57707,7 +57707,7 @@ CVE-2023-20589 (An attacker with specialized hardware
and physical access to an
NOT-FOR-US: AMD
CVE-2023-20588 (A division-by-zero error on some AMD processors can
potentially return ...)
{DSA-5480-1}
- - linux 6.4.11-1
+ - linux 6.4.13-1
NOTE:
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html
NOTE:
https://git.kernel.org/linus/77245f1c3c6495521f6a3af082696ee2f8ce3921
CVE-2023-20587
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd118f1f5a260ef7dd8fccb53e4c6d0bea6de4b8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd118f1f5a260ef7dd8fccb53e4c6d0bea6de4b8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
