Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c058a71e by Salvatore Bonaccorso at 2023-12-18T21:42:39+01:00
Add two openssh issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,9 +33,13 @@ CVE-2023-5348 (The Product Catalog Mode For WooCommerce
WordPress plugin before
CVE-2023-5005 (The Autocomplete Location field Contact Form 7 WordPress plugin
before ...)
TODO: check
CVE-2023-51385 (In ssh in OpenSSH before 9.6, OS command injection might occur
if a us ...)
- TODO: check
+ - openssh <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2023/12/18/2
+ NOTE:
https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
(V_9_6_P1)
CVE-2023-51384 (In ssh-agent in OpenSSH before 9.6, certain destination
constraints ca ...)
- TODO: check
+ - openssh <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2023/12/18/2
+ NOTE:
https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
(V_9_6_P1)
CVE-2023-50372 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki
Miyashita C ...)
TODO: check
CVE-2023-4724 (The Export any WordPress data to XML/CSV WordPress plugin
before 1.4.0 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c058a71e8cbcea0e05300cb02940ddf52cb21082
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c058a71e8cbcea0e05300cb02940ddf52cb21082
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
