Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
33bcd586 by Utkarsh Gupta at 2024-05-20T06:50:50+05:30
Mark CVE-2023-50967/jose as postponed for buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20761,6 +20761,7 @@ CVE-2023-51444 (GeoServer is an open source software
server written in Java that
NOT-FOR-US: GeoServer
CVE-2023-50967 (latchset jose through version 11 allows attackers to cause a
denial of ...)
- jose 13-1 (bug #1067457)
+ [buster] - jose <postponed> (DoS via a large p2c value but still
appears minor; similar to CVE-2023-50966)
NOTE: https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md
NOTE: https://github.com/latchset/jose/issues/151
NOTE: Fixed by:
https://github.com/latchset/jose/commit/4ee7708bf6dbfaa712749f081eec1f0d122fa001
(v13)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33bcd58601e7a09f4416e53323dcb3e8288bc56a
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33bcd58601e7a09f4416e53323dcb3e8288bc56a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
