Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ecbe9cb1 by Salvatore Bonaccorso at 2023-12-31T16:21:41+01:00
Add references for CVE-2023-49287/gemmi
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5279,6 +5279,8 @@ CVE-2023-49287 (TinyDir is a lightweight C directory and
file reader. Buffer ove
NOTE:
https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
NOTE:
https://github.com/cxong/tinydir/commit/8124807260735a837226fa151493536591f6715d
(1.2.6)
NOTE:
https://github.com/hnsecurity/vulns/blob/main/HNS-2023-04-tinydir.txt
+ NOTE: gemmi: https://github.com/project-gemmi/gemmi/issues/292
+ NOTE: gemmi:
https://github.com/project-gemmi/gemmi/commit/e142eff1fec1475b62b2ab5e88d3a50b4d7450b5
(v0.6.4)
NOTE: lwip embeds a copy of tinydir, but it's unused, see bug #1059259
CVE-2023-49108 (Path traversal vulnerability exists in RakRak Document Plus
Ver.3.2.0. ...)
NOT-FOR-US: RakRak Document Plus
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecbe9cb1626d33ef488644e4430edd7ef64635fe
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecbe9cb1626d33ef488644e4430edd7ef64635fe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
