Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76be03cc by Moritz Muehlenhoff at 2023-10-23T15:40:56+02:00
bullseye/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -201,22 +201,40 @@ CVE-2023-45675 (stb_vorbis is a single file MIT licensed
library for processing
NOTE: https://github.com/nothings/stb/pull/1553
CVE-2023-45667 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed>
- NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ [bullseye] - libstb <no-dsa> (Minor issue)
+ NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 7)
+ NOTE: https://github.com/nothings/stb/pull/1551
CVE-2023-45666 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed>
- NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ [bullseye] - libstb <no-dsa> (Minor issue)
+ NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 6)
+ NOTE: https://github.com/nothings/stb/pull/1549
CVE-2023-45664 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed>
- NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ [bullseye] - libstb <no-dsa> (Minor issue)
+ NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 4)
+ NOTE: https://github.com/nothings/stb/pull/1545
CVE-2023-45663 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed>
- NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ [bullseye] - libstb <no-dsa> (Minor issue)
+ NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 3)
+ NOTE: https://github.com/nothings/stb/pull/1543
CVE-2023-45662 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed>
- NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ [bullseye] - libstb <no-dsa> (Minor issue)
+ NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 2)
+ NOTE: https://github.com/nothings/stb/pull/1541
CVE-2023-45661 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed>
- NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
+ [bookworm] - libstb <no-dsa> (Minor issue)
+ [bullseye] - libstb <no-dsa> (Minor issue)
+ NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 1)
+ NOTE: https://github.com/nothings/stb/pull/1539
CVE-2023-43357 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18
allows a ...)
NOT-FOR-US: CMSmadesimple
CVE-2023-43356 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18
allows a ...)
@@ -1876,7 +1894,9 @@ CVE-2023-39325 (A malicious HTTP/2 client which rapidly
creates requests and imm
- golang-1.21 1.21.3-1
- golang-1.20 1.20.10-1
- golang-1.19 <unfixed>
+ [bookworm] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
+ [bullseye] - golang-1.15 <no-dsa> (Minor issue)
- golang-1.11 <removed>
NOTE: https://github.com/golang/go/issues/63417
CVE-2023-5473 (Use after free in Cast in Google Chrome prior to 118.0.5993.70
allowed ...)
@@ -3888,6 +3908,8 @@ CVE-2023-43909 (Hospital Management System thru commit
4770d was discovered to c
NOT-FOR-US: Hospital Management System
CVE-2023-43655 (Composer is a dependency manager for PHP. Users publishing a
composer. ...)
- composer 2.6.4-1
+ [bookworm] - composer <no-dsa> (Minor issue)
+ [bullseye] - composer <no-dsa> (Minor issue)
[buster] - composer <no-dsa> (Minor issue, only a problem when
configured improperly)
NOTE:
https://github.com/composer/composer/security/advisories/GHSA-jm6m-4632-36hf
NOTE:
https://github.com/composer/composer/commit/4fce14795aba98e40b6c4f5047305aba17a6120d
(1.10.27)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76be03cce30e752219a2e04c9ba69d4134cea2d5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76be03cce30e752219a2e04c9ba69d4134cea2d5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
