Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aac75138 by Moritz Muehlenhoff at 2023-12-04T16:22:52+01:00
bullseye/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -376,8 +376,9 @@ CVE-2023-4658 (An issue has been discovered in GitLab EE
affecting all versions
CVE-2023-4317 (An issue has been discovered in GitLab affecting all versions
starting ...)
- gitlab <unfixed>
CVE-2023-49735 (** UNSUPPORTED WHEN ASSIGNED ** The value set as the
DefaultLocaleRes ...)
- - tiles <unfixed> (bug #1057315)
+ - tiles <unfixed> (unimportant; bug #1057315)
NOTE: https://lists.apache.org/thread/8ktm4vxr6vvc1qsxh6ft8jzmom1zl65p
+ NOTE: Negligible security impact as packaged in Debian
CVE-2023-48894 (Incorrect Access Control vulnerability in jshERP V3.3 allows
attackers ...)
NOT-FOR-US: jshERP
CVE-2023-48016 (Restaurant Table Booking System V1.0 is vulnerable to SQL
Injection in ...)
@@ -855,6 +856,8 @@ CVE-2023-49090 (CarrierWave is a solution for file uploads
for Rails, Sinatra an
NOT-FOR-US: CarrierWave
CVE-2023-49083 (cryptography is a package designed to expose cryptographic
primitives ...)
- python-cryptography <unfixed> (bug #1057108)
+ [bookworm] - python-cryptography <no-dsa> (Minor issue)
+ [bullseye] - python-cryptography <no-dsa> (Minor issue)
NOTE:
https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97
NOTE: https://github.com/pyca/cryptography/pull/9926
NOTE:
https://github.com/pyca/cryptography/commit/1e7b4d074e14c4e694d3ce69ad6754a6039fd6ff
(main)
@@ -59994,7 +59997,9 @@ CVE-2023-22085 (Vulnerability in the Hospitality OPERA
5 Property Services produ
NOT-FOR-US: Oracle
CVE-2023-22084 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mariadb 1:10.11.6-1
+ [bookworm] - mariadb <no-dsa> (Minor issue, will be fixed via point
update)
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed via
point update)
- mariadb-10.3 <removed>
- mysql-8.0 8.0.35-1 (bug #1055034)
NOTE: Fixed in MariaDB: 11.2.2, 11.1.3, 11.0.4, 10.11.6, 10.10.7,
10.6.16, 10.5.23, 10.4.32
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aac75138bca9bd8c5b3d31abb68c4972fee9f4fc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aac75138bca9bd8c5b3d31abb68c4972fee9f4fc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
