Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
784048eb by Salvatore Bonaccorso at 2023-10-24T17:10:38+02:00
Add CVE-2023-5363/openssl
- - - - -
4a3dcab5 by Salvatore Bonaccorso at 2023-10-24T17:11:18+02:00
Add openssl to dsa-needed list
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -50,6 +50,11 @@ CVE-2023-5721
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-46/#CVE-2023-5721
CVE-2023-5746 (A vulnerability regarding use of externally-controlled format
string i ...)
NOT-FOR-US: Synology
+CVE-2023-5363 [Incorrect cipher key & IV length processing]
+ - openssl <unfixed>
+ [bullseye] - openssl <not-affected> (Vulnerable code not present)
+ [buster] - openssl <not-affected> (Vulnerable code not present)
+ NOTE: https://www.openssl.org/news/secadv/20231024.txt
CVE-2023-46059 (Cross Site Scripting (XSS) vulnerability in Geeklog-Core
geeklog v.2.2 ...)
NOT-FOR-US: Geeklog-Core geeklog
CVE-2023-46058 (Cross Site Scripting (XSS) vulnerability in Geeklog-Core
geeklog v.2.2 ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -46,6 +46,8 @@ openjdk-11/oldstable (jmm)
--
openjdk-17 (jmm)
--
+openssl (carnil)
+--
php-cas/oldstable
--
php-horde-mime-viewer/oldstable
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/170e0e91d9d251abf820adf84eb4ee6244834088...4a3dcab575e09aaf2632ec3a9e67c3fd18c5554e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/170e0e91d9d251abf820adf84eb4ee6244834088...4a3dcab575e09aaf2632ec3a9e67c3fd18c5554e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
