[Git][security-tracker-team/security-tracker][master] Expand commit ids for CVE-2023-3854{5,6}

Wed, 18 Oct 2023 08:32:23 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
59e1bcc7 by Salvatore Bonaccorso at 2023-10-18T17:31:31+02:00
Expand commit ids for CVE-2023-3854{5,6}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1151,15 +1151,15 @@ CVE-2023-38546 (This flaw allows an attacker to insert 
cookies at will into a ru
        {DSA-5523-1 DLA-3613-1}
        - curl 8.3.0-3
        NOTE: https://curl.se/docs/CVE-2023-38546.html
-       NOTE: Fixed in 
https://github.com/curl/curl/commit/61275672b46d9abb32857404 (curl-8_4_0)
-       NOTE: Introduced in 
https://github.com/curl/curl/commit/74d5a6fb3b9a96d9f
+       NOTE: Introduced by: 
https://github.com/curl/curl/commit/74d5a6fb3b9a96d9fa51ba90996e94c878ebd151 
(curl-7_9_1)
+       NOTE: Fixed by: 
https://github.com/curl/curl/commit/61275672b46d9abb3285740467b882e22ed75da8 
(curl-8_4_0)
 CVE-2023-38545 (This flaw makes curl overflow a heap based buffer in the 
SOCKS5 proxy  ...)
        {DSA-5523-1}
        - curl 8.3.0-3
        [buster] - curl <not-affected> (Vulnerable code not present)
        NOTE: https://curl.se/docs/CVE-2023-38545.html
-       NOTE: Fixed in 
https://github.com/curl/curl/commit/fb4415d8aee6c1045be932a34fe6107c2f5ed147 
(curl-8_4_0)
-       NOTE: Introduced in https://github.com/curl/curl/commit/4a4b63daaa 
(curl-7_69_0)
+       NOTE: Introduced by: 
https://github.com/curl/curl/commit/4a4b63daaa01ef59b131d91e8e6e6dfe275c0f08 
(curl-7_69_0)
+       NOTE: Fixed by: 
https://github.com/curl/curl/commit/fb4415d8aee6c1045be932a34fe6107c2f5ed147 
(curl-8_4_0)
        NOTE: 
https://daniel.haxx.se/blog/2023/10/11/how-i-made-a-heap-overflow-in-curl/
 CVE-2023-5499 (Information exposure vulnerability in Shenzhen Reachfar v28, 
the explo ...)
        NOT-FOR-US: Shenzhen Reachfar



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59e1bcc7db89f0c718a4496f34edb8f246fa8022

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59e1bcc7db89f0c718a4496f34edb8f246fa8022
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to