[Git][security-tracker-team/security-tracker][master] hoteldruid fixed in sid

Moritz Muehlenhoff (@jmm) Sun, 26 Nov 2023 10:32:17 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5840769e by Moritz Muehlenhoff at 2023-11-26T19:31:36+01:00
hoteldruid fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2187,7 +2187,7 @@ CVE-2023-47614 (A CWE-200: Exposure of Sensitive 
Information to an Unauthorized
 CVE-2023-47611 (A CWE-269: Improper Privilege Management vulnerability exists 
in Telit ...)
        NOT-FOR-US: Telit Cinterion
 CVE-2023-47164 (Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and 
earlier all ...)
-       - hoteldruid <unfixed> (bug #1055772)
+       - hoteldruid 3.0.6-1 (bug #1055772)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
@@ -10921,32 +10921,32 @@ CVE-2023-43478 (fake_upload.cgi on the Telstra Smart 
Modem Gen 2 (Arcadyan LH100
 CVE-2023-43477 (The ping_from parameter of ping_tracerte.cgi in the web UI of 
Telstra  ...)
        NOT-FOR-US: Telstra Smart Modem Gen 2 (Arcadyan LH1000) firmware
 CVE-2023-43377 (A cross-site scripting (XSS) vulnerability in 
/hoteldruid/visualizza_c ...)
-       - hoteldruid <unfixed> (bug #1052572)
+       - hoteldruid 3.0.6-1 (bug #1052572)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
 CVE-2023-43376 (A cross-site scripting (XSS) vulnerability in 
/hoteldruid/clienti.php  ...)
-       - hoteldruid <unfixed> (bug #1052572)
+       - hoteldruid 3.0.6-1 (bug #1052572)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
 CVE-2023-43375 (Hoteldruid v3.0.5 was discovered to contain multiple SQL 
injection vul ...)
-       - hoteldruid <unfixed> (bug #1052572)
+       - hoteldruid 3.0.6-1 (bug #1052572)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
 CVE-2023-43374 (Hoteldruid v3.0.5 was discovered to contain a SQL injection 
vulnerabil ...)
-       - hoteldruid <unfixed> (bug #1052572)
+       - hoteldruid 3.0.6-1 (bug #1052572)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
 CVE-2023-43373 (Hoteldruid v3.0.5 was discovered to contain a SQL injection 
vulnerabil ...)
-       - hoteldruid <unfixed> (bug #1052572)
+       - hoteldruid 3.0.6-1 (bug #1052572)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
 CVE-2023-43371 (Hoteldruid v3.0.5 was discovered to contain a SQL injection 
vulnerabil ...)
-       - hoteldruid <unfixed> (bug #1052572)
+       - hoteldruid 3.0.6-1 (bug #1052572)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
@@ -23969,7 +23969,7 @@ CVE-2023-3001 (A CWE-502: Deserialization of Untrusted 
Data vulnerability exists
 CVE-2023-34944 (An arbitrary file upload vulnerability in the 
/fileUpload.lib.php comp ...)
        NOT-FOR-US: Chamilo LMS
 CVE-2023-34537 (A Reflected XSS was discovered in HotelDruid version 3.0.5, an 
attacke ...)
-       - hoteldruid <unfixed> (bug #1038251)
+       - hoteldruid 3.0.6-1 (bug #1038251)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)
@@ -23990,7 +23990,7 @@ CVE-2023-33933 (Exposure of Sensitive Information to an 
Unauthorized Actor vulne
        NOTE: 
https://github.com/apache/trafficserver/commit/726a79cb2f70fcbe0e2139aab3fe56930d3d8c27
 (9.2.1-rc0)
        NOTE: 
https://github.com/apache/trafficserver/commit/496fa2c4cbdf2b3d6c61760a3fb6675b74b549f0
 (8.1.7)
 CVE-2023-33817 (hoteldruid v3.0.5 was discovered to contain a SQL injection 
vulnerabil ...)
-       - hoteldruid <unfixed> (bug #1038251)
+       - hoteldruid 3.0.6-1 (bug #1038251)
        [bookworm] - hoteldruid <no-dsa> (Minor issue)
        [bullseye] - hoteldruid <no-dsa> (Minor issue)
        [buster] - hoteldruid <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5840769e9bc111b2f9a9f3baeb6d4cc74af04a4f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5840769e9bc111b2f9a9f3baeb6d4cc74af04a4f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] hoteldruid fixed in sid

Reply via email to