Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a614ad15 by Moritz Mühlenhoff at 2023-10-21T23:42:33+02:00
opensearch is in the archive now
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -762,7 +762,8 @@ CVE-2023-4215 (Advantech WebAccess version 9.1.3 contains
an exposure of sensiti
CVE-2023-4089 (On affected Wago products an remote attacker with
administrative privi ...)
NOT-FOR-US: Wago
CVE-2023-45807 (OpenSearch is a community-driven, open source fork of
Elasticsearch an ...)
- NOT-FOR-US: OpenSearch
+ - opensearch <unfixed>
+ TODO: Check whether packaged bits are affected
CVE-2023-45659 (Engelsystem is a shift planning system for chaos events. If a
users' ...)
NOT-FOR-US: Engelsystem
CVE-2023-45542 (Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a
remote ...)
@@ -22569,7 +22570,8 @@ CVE-2023-31143 (mage-ai is an open-source data pipeline
tool for transforming an
CVE-2023-31142 (Discourse is an open source discussion platform. Prior to
version 3.0. ...)
NOT-FOR-US: Discourse
CVE-2023-31141 (OpenSearch is open-source software suite for search,
analytics, and ob ...)
- NOT-FOR-US: OpenSearch
+ - opensearch <unfixed>
+ TODO: Check whether packaged bits are affected
CVE-2023-31140 (OpenProject is open source project management software.
Starting with ...)
NOT-FOR-US: OpenProject
CVE-2023-31139 (DHIS2 Core contains the service layer and Web API for DHIS2,
an inform ...)
@@ -45656,9 +45658,11 @@ CVE-2023-23615 (Discourse is an open source discussion
platform. The embeddable
CVE-2023-23614 (Pi-hole\xae's Web interface (based off of AdminLTE) provides a
central ...)
NOT-FOR-US: Pi-Hole
CVE-2023-23613 (OpenSearch is an open source distributed and RESTful search
engine. In ...)
- NOT-FOR-US: OpenSearch
+ - opensearch <unfixed>
+ TODO: Check whether packaged bits are affected
CVE-2023-23612 (OpenSearch is an open source distributed and RESTful search
engine. Op ...)
- NOT-FOR-US: OpenSearch
+ - opensearch <unfixed>
+ TODO: Check whether packaged bits are affected
CVE-2023-23611 (LTI Consumer XBlock implements the consumer side of the LTI
specificat ...)
NOT-FOR-US: LTI
CVE-2023-23610 (GLPI is a Free Asset and IT Management Software package.
Versions prio ...)
@@ -72875,9 +72879,9 @@ CVE-2022-41920 (Lancet is a general utility library for
the go programming langu
CVE-2022-41919 (Fastify is a web framework with minimal overhead and plugin
architectu ...)
NOT-FOR-US: Fastify
CVE-2022-41918 (OpenSearch is a community-driven, open source fork of
Elasticsearch an ...)
- NOT-FOR-US: OpenSearch
+ - opensearch <not-affected> (Fixed before initial upload to archive)
CVE-2022-41917 (OpenSearch is a community-driven, open source fork of
Elasticsearch an ...)
- NOT-FOR-US: OpenSearch
+ - opensearch <not-affected> (Fixed before initial upload to archive)
CVE-2022-41916 (Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos.
Version ...)
{DSA-5287-1 DLA-3206-1}
- heimdal 7.8.git20221115.a6cf945+dfsg-1 (bug #1024187)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a614ad15a00270d6bc1017e71b966a3013e029b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a614ad15a00270d6bc1017e71b966a3013e029b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
