Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9883cbe5 by Thorsten Alteholz at 2023-12-24T01:04:13+01:00
mark CVE-2023-48795 as no-dsa for proftpd-dfsg in Buster
- - - - -
dc1a125e by Thorsten Alteholz at 2023-12-24T01:04:15+01:00
mark CVE-2023-48795 as no-dsa for erlang in Buster
- - - - -
fe68ad6c by Thorsten Alteholz at 2023-12-24T01:04:16+01:00
mark CVE-2023-51704 as postponed
- - - - -
f90c2ea0 by Thorsten Alteholz at 2023-12-24T01:04:18+01:00
mark temporary entry as no-dsa for spip in Buster
- - - - -
e6a8ae29 by Thorsten Alteholz at 2023-12-24T01:04:20+01:00
mark CVE-2023-4255 as no-dsa for Buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -179,6 +179,7 @@ CVE-2023-XXXX [XSS issue fixed in 4.1.13 upstream]
- spip 4.1.13+dfsg-1 (bug #1059331)
[bookworm] - spip <no-dsa> (Minor issue)
[bullseye] - spip <no-dsa> (Minor issue)
+ [buster] - spip <no-dsa> (Minor issue)
CVE-2023-7059 (A vulnerability was found in SourceCodester School Visitor Log
e-Book ...)
NOT-FOR-US: SourceCodester School Visitor Log e-Book
CVE-2023-7058 (A vulnerability was found in SourceCodester Simple Student
Attendance ...)
@@ -224,6 +225,7 @@ CVE-2023-51704 (An issue was discovered in MediaWiki before
1.35.14, 1.36.x thro
- mediawiki <unfixed>
[bookworm] - mediawiki <postponed> (Minor issue, fix along in next
update)
[bullseye] - mediawiki <postponed> (Minor issue, fix along in next
update)
+ [buster] - mediawiki <postponed> (Minor issue, fix along in next update)
NOTE:
https://lists.wikimedia.org/hyperkitty/list/[email protected]/thread/TDBUBCCOQJUT4SCHJNPHKQNPBUUETY52/
NOTE: https://phabricator.wikimedia.org/T347726
CVE-2023-51380 (An incorrect authorization vulnerability was identified in
GitHub Ente ...)
@@ -415,6 +417,7 @@ CVE-2023-4256 (Within tcpreplay's tcprewrite, a double free
vulnerability has be
NOTE: Crash in CLI tool, no security impact
CVE-2023-4255 (An out-of-bounds write issue has been discovered in the
backspace hand ...)
- w3m <unfixed> (bug #1059265)
+ [buster] - w3m <no-dsa> (Minor issue)
NOTE:
https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
NOTE: https://github.com/tats/w3m/issues/268
NOTE: https://github.com/tats/w3m/pull/273
@@ -1228,6 +1231,7 @@ CVE-2023-48795 (The SSH transport protocol with certain
OpenSSH extensions, foun
- erlang 1:25.3.2.8+dfsg-1 (bug #1059002)
[bookworm] - erlang <no-dsa> (Minor issue)
[bullseye] - erlang <no-dsa> (Minor issue)
+ [buster] - erlang <no-dsa> (Minor issue)
- filezilla 3.66.4-1
- golang-go.crypto <unfixed> (bug #1059003)
- jsch <not-affected> (ChaCha20-Poly1305 support introduced in 0.1.61;
*-EtM support introduced in 0.1.58)
@@ -1241,6 +1245,7 @@ CVE-2023-48795 (The SSH transport protocol with certain
OpenSSH extensions, foun
- proftpd-dfsg 1.3.8.b+dfsg-1 (bug #1059144)
[bookworm] - proftpd-dfsg <no-dsa> (Minor issue)
[bullseye] - proftpd-dfsg <no-dsa> (Minor issue)
+ [buster] - proftpd-dfsg <no-dsa> (Minor issue)
- proftpd-mod-proxy 0.9.3-1 (bug #1059290)
[bookworm] - proftpd-mod-proxy <no-dsa> (Minor issue)
[bullseye] - proftpd-mod-proxy <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e4968a1025a798e289cbd35cb50cd7267fe92f09...e6a8ae29b8ddd7e6187c4f307ce8c56f376d6b4c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e4968a1025a798e289cbd35cb50cd7267fe92f09...e6a8ae29b8ddd7e6187c4f307ce8c56f376d6b4c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
