[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 18 Nov 2023 12:12:05 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
74a3a24b by security tracker role at 2023-11-18T20:11:43+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2023-48736 (In International Color Consortium DemoIccMAX 3e7948b, 
CIccCLUT::Interp ...)
+       TODO: check
+CVE-2023-40363 (IBM InfoSphere Information Server 11.7 could allow an 
authenticated us ...)
+       TODO: check
+CVE-2023-38361 (IBM CICS TX Advanced 10.1 uses weaker than expected 
cryptographic algo ...)
+       TODO: check
 CVE-2023-6187 (The Paid Memberships Pro plugin for WordPress is vulnerable to 
arbitra ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-4214 (The AppPresser plugin for WordPress is vulnerable to 
unauthorized pass ...)
@@ -7076,7 +7082,7 @@ CVE-2023-3961 (A path traversal vulnerability was 
identified in Samba when proce
        NOTE: https://www.samba.org/samba/security/CVE-2023-3961.html
        NOTE: In scope for continued Samba support
 CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server 
resource consum ...)
-       {DSA-5549-1 DSA-5540-1 DSA-5522-1 DSA-5521-1 DLA-3645-1 DLA-3641-1 
DLA-3638-1 DLA-3621-1 DLA-3617-1}
+       {DSA-5558-1 DSA-5549-1 DSA-5540-1 DSA-5522-1 DSA-5521-1 DLA-3645-1 
DLA-3641-1 DLA-3638-1 DLA-3621-1 DLA-3617-1}
        - tomcat9 9.0.70-2
        - tomcat10 10.1.14-1
        - trafficserver 9.2.3+ds-1 (bug #1053801; bug #1054427)
@@ -22183,6 +22189,7 @@ CVE-2023-35131 (Content on the groups page required 
additional sanitizing to pre
 CVE-2023-34553 (An issue was discovered in WAFU Keyless Smart Lock v1.0 allows 
attacke ...)
        NOT-FOR-US: WAFU Keyless Smart Lock
 CVE-2023-34462 (Netty is an asynchronous event-driven network application 
framework fo ...)
+       {DSA-5558-1}
        - netty 1:4.1.48-8 (bug #1038947)
        [buster] - netty <not-affected> (SslClientHelloHandler introduced in 
v4.1.46)
        NOTE: 
https://github.com/netty/netty/security/advisories/GHSA-6mjq-h674-j845



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74a3a24b7af76dd2d7fce6caeb40f517370a215d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74a3a24b7af76dd2d7fce6caeb40f517370a215d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to