Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 18707d01 by Moritz Muehlenhoff at 2023-11-03T20:19:20+01:00 bullseye/bookworm triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -285,11 +285,13 @@ CVE-2023-4452 (A vulnerability has been identified in the EDR-810, EDR-G902, and NOT-FOR-US: Moxa CVE-2023-46931 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow ...) - gpac <unfixed> + [bullseye] - gpac <no-dsa> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2664 NOTE: https://github.com/gpac/gpac/commit/671976fccc971b3dff8d3dcf6ebd600472ca64bf CVE-2023-46930 (GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box i ...) - gpac <unfixed> + [bullseye] - gpac <no-dsa> (Minor issue) [buster] - gpac <end-of-life> (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2666 NOTE: https://github.com/gpac/gpac/commit/3809955065afa3da1ad580012ec43deadbb0f2c8 @@ -1645,6 +1647,8 @@ CVE-2023-46158 (IBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0 NOT-FOR-US: IBM CVE-2023-46136 (Werkzeug is a comprehensive WSGI web application library. If an upload ...) - python-werkzeug <unfixed> (bug #1054553) + [bookworm] - python-werkzeug <no-dsa> (Minor issue) + [bullseye] - python-werkzeug <no-dsa> (Minor issue) NOTE: https://github.com/pallets/werkzeug/security/advisories/GHSA-hrfv-mqp8-q5rw NOTE: https://github.com/pallets/werkzeug/commit/b1916c0c083e0be1c9d887ee2f3d696922bfc5c1 (3.0.1) CVE-2023-46135 (rs-stellar-strkey is a Rust lib for encode/decode of Stellar Strkeys. ...) @@ -3001,6 +3005,8 @@ CVE-2023-45901 (Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Reques NOT-FOR-US: Dreamer CMS CVE-2023-45803 (urllib3 is a user-friendly HTTP client library for Python. urllib3 pre ...) - python-urllib3 1.26.18-1 (bug #1054226) + [bookworm] - python-urllib3 <no-dsa> (Minor issue) + [bullseye] - python-urllib3 <no-dsa> (Minor issue) NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4 NOTE: https://github.com/urllib3/urllib3/commit/b594c5ceaca38e1ac215f916538fb128e3526a36 (1.26.18) CVE-2023-45010 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex ...) @@ -5271,6 +5277,8 @@ CVE-2023-43838 (An arbitrary file upload vulnerability in Personal Management Sy CVE-2023-43804 (urllib3 is a user-friendly HTTP client library for Python. urllib3 doe ...) {DLA-3610-1} - python-urllib3 1.26.17-1 (bug #1053626) + [bookworm] - python-urllib3 <no-dsa> (Minor issue) + [bullseye] - python-urllib3 <no-dsa> (Minor issue) NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f NOTE: https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb (1.26.17) CVE-2023-43261 (An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 b ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18707d0185d0a283ce345688c203dd9dd00de0ce -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18707d0185d0a283ce345688c203dd9dd00de0ce You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits