[Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for 7zip via bookworm-pu

Sun, 22 Oct 2023 06:42:35 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3e5e687c by Salvatore Bonaccorso at 2023-10-22T15:42:02+02:00
Track proposed update for 7zip via bookworm-pu

- - - - -
94b597e2 by Salvatore Bonaccorso at 2023-10-22T15:42:04+02:00
Mark 7zip issues as no-dsa

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -22798,11 +22798,13 @@ CVE-2023-31103 (Exposure of Resource to Wrong Sphere 
Vulnerability in Apache Sof
        NOT-FOR-US: Apache InLong
 CVE-2023-40481
        - 7zip 23.01+dfsg-1
+       [bookworm] - 7zip <no-dsa> (Minor issue; will be fixed via point 
release)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
        NOTE: 
https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
 CVE-2023-31102
        RESERVED
        - 7zip 23.01+dfsg-1
+       [bookworm] - 7zip <no-dsa> (Minor issue; will be fixed via point 
release)
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
        NOTE: 
https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
 CVE-2023-31101 (Insecure Default Initialization of Resource Vulnerability in 
Apache So ...)


=====================================
data/next-point-update.txt
=====================================
@@ -10,3 +10,7 @@ CVE-2023-40743
        [bookworm] - axis 1.4-28+deb12u1
 CVE-2023-45143
        [bookworm] - node-undici 5.15.0+dfsg1+~cs20.10.9.3-1+deb12u2
+CVE-2023-40481
+       [bookworm] - 7zip 22.01+dfsg-8+deb12u1
+CVE-2023-31102
+       [bookworm] - 7zip 22.01+dfsg-8+deb12u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6eba7e744431548d1c6d9d6d15c1fbf0e8f16003...94b597e2ae977f2225eebc62859eec16ac59c969

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6eba7e744431548d1c6d9d6d15c1fbf0e8f16003...94b597e2ae977f2225eebc62859eec16ac59c969
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to