Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
285994e1 by Moritz Muehlenhoff at 2024-09-27T15:23:19+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5093,37 +5093,37 @@ CVE-2024-42057 (A command injection vulnerability in
the IPSec VPN feature of Zy
CVE-2024-37136 (Dell Path to PowerProtect, versions 1.1, 1.2, contains an
Exposure of ...)
NOT-FOR-US: Dell
CVE-2024-45620 (A vulnerability was found in the pkcs15-init tool in OpenSC.
An attack ...)
- - opensc <unfixed>
+ - opensc <unfixed> (bug #1082864)
[bookworm] - opensc <no-dsa> (Minor issue)
[bullseye] - opensc <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309289
CVE-2024-45619 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11
module, min ...)
- - opensc <unfixed>
+ - opensc <unfixed> (bug #1082863)
[bookworm] - opensc <no-dsa> (Minor issue)
[bullseye] - opensc <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309288
CVE-2024-45618 (A vulnerability was found in pkcs15-init in OpenSC. An
attacker could ...)
- - opensc <unfixed>
+ - opensc <unfixed> (bug #1082862)
[bookworm] - opensc <no-dsa> (Minor issue)
[bullseye] - opensc <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309287
CVE-2024-45617 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11
module, min ...)
- - opensc <unfixed>
+ - opensc <unfixed> (bug #1082861)
[bookworm] - opensc <no-dsa> (Minor issue)
[bullseye] - opensc <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309286
CVE-2024-45616 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11
module, min ...)
- - opensc <unfixed>
+ - opensc <unfixed> (bug #1082860)
[bookworm] - opensc <no-dsa> (Minor issue)
[bullseye] - opensc <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309290
CVE-2024-45615 (A vulnerability was found in OpenSC, OpenSC tools, PKCS#11
module, min ...)
- - opensc <unfixed>
+ - opensc <unfixed> (bug #1082859)
[bookworm] - opensc <no-dsa> (Minor issue)
[bullseye] - opensc <postponed> (Minor issue, revisit when fixed
upstream)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2309285
CVE-2024-45310 (runc is a CLI tool for spawning and running containers
according to th ...)
- - runc <unfixed>
+ - runc <unfixed> (bug #1082865)
[bookworm] - runc <no-dsa> (Minor issue)
[bullseye] - runc <postponed> (Minor issue; can be fixed in next update)
NOTE: https://www.openwall.com/lists/oss-security/2024/09/03/1
@@ -25652,7 +25652,7 @@ CVE-2023-51498 (Missing Authorization vulnerability in
Woo WooCommerce Canada Po
CVE-2023-50763 (A vulnerability has been identified in SIMATIC CP 1542SP-1
(6GK7542-6U ...)
NOT-FOR-US: Siemens
CVE-2023-4727 (A flaw was found in dogtag-pki and pki-core. The token
authentication ...)
- - dogtag-pki <unfixed>
+ - dogtag-pki <unfixed> (bug #1082868)
[bullseye] - dogtag-pki <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2232218
CVE-2023-48273 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
@@ -35091,23 +35091,23 @@ CVE-2024-21772 (Uncontrolled search path in some
Intel(R) Advisor software befor
CVE-2023-49614 (Out of bounds write in firmware for some Intel(R) FPGA
products before ...)
NOT-FOR-US: Intel
CVE-2023-48727 (NULL pointer dereference in some Intel(R) oneVPL software
before versi ...)
- - intel-mediasdk <unfixed>
+ - intel-mediasdk <unfixed> (bug #1082866)
[bookworm] - intel-mediasdk <no-dsa> (Minor issue)
- - onevpl <unfixed>
+ - onevpl <unfixed> (bug #1082867)
[bookworm] - onevpl <no-dsa> (Minor issue)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html
CVE-2023-48368 (Improper input validation in Intel(R) Media SDK software all
versions ...)
- - intel-mediasdk <unfixed>
+ - intel-mediasdk <unfixed> (bug #1082866)
[bookworm] - intel-mediasdk <no-dsa> (Minor issue)
- - onevpl <unfixed>
+ - onevpl <unfixed> (bug #1082867)
[bookworm] - onevpl <no-dsa> (Minor issue)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html
CVE-2023-47859 (Improper access control for some Intel(R) Wireless Bluetooth
products ...)
NOT-FOR-US: Intel
CVE-2023-47282 (Out-of-bounds write in Intel(R) Media SDK all versions and
some Intel( ...)
- - intel-mediasdk <unfixed>
+ - intel-mediasdk <unfixed> (bug #1082866)
[bookworm] - intel-mediasdk <no-dsa> (Minor issue)
- - onevpl <unfixed>
+ - onevpl <unfixed> (bug #1082867)
[bookworm] - onevpl <no-dsa> (Minor issue)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html
CVE-2023-47210 (Improper input validation for some Intel(R) PROSet/Wireless
WiFi softw ...)
@@ -35116,9 +35116,9 @@ CVE-2023-47210 (Improper input validation for some
Intel(R) PROSet/Wireless WiFi
[bullseye] - firmware-nonfree <no-dsa> (Minor issue)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01039.html
CVE-2023-47169 (Improper buffer restrictions in Intel(R) Media SDK software
all versio ...)
- - intel-mediasdk <unfixed>
+ - intel-mediasdk <unfixed> (bug #1082866)
[bookworm] - intel-mediasdk <no-dsa> (Minor issue)
- - onevpl <unfixed>
+ - onevpl <unfixed> (bug #1082867)
[bookworm] - onevpl <no-dsa> (Minor issue)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html
CVE-2023-47165 (Improper conditions check in the Intel(R) Data Center GPU Max
Series 1 ...)
@@ -35140,9 +35140,9 @@ CVE-2023-45320 (Uncontrolled search path element in
some Intel(R) VTune(TM) Prof
CVE-2023-45315 (Improper initialization in some Intel(R) Power Gadget software
for Win ...)
NOT-FOR-US: Intel
CVE-2023-45221 (Improper buffer restrictions in Intel(R) Media SDK all
versions may al ...)
- - intel-mediasdk <unfixed>
+ - intel-mediasdk <unfixed> (bug #1082866)
[bookworm] - intel-mediasdk <no-dsa> (Minor issue)
- - onevpl <unfixed>
+ - onevpl <unfixed> (bug #1082867)
[bookworm] - onevpl <no-dsa> (Minor issue)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html
CVE-2023-45217 (Improper access control in Intel(R) Power Gadget software for
Windows ...)
@@ -39555,7 +39555,7 @@ CVE-2023-51596 (BlueZ Phone Book Access Profile
Heap-based Buffer Overflow Remot
CVE-2023-51595 (Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection
Remote ...)
NOT-FOR-US: Voltronic Power ViewPower Pro
CVE-2023-51594 (BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure
Vulnerabi ...)
- - bluez <unfixed>
+ - bluez <unfixed> (bug #1082870)
[bookworm] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[bullseye] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[buster] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
@@ -39563,7 +39563,7 @@ CVE-2023-51594 (BlueZ OBEX Library Out-Of-Bounds Read
Information Disclosure Vul
CVE-2023-51593 (Voltronic Power ViewPower Pro Expression Language Injection
Remote Cod ...)
NOT-FOR-US: Voltronic Power ViewPower Pro
CVE-2023-51592 (BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds
Read Inform ...)
- - bluez <unfixed>
+ - bluez <unfixed> (bug #1082869)
[bookworm] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[bullseye] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
[buster] - bluez <postponed> (Minor issue, revisit when/if fixed
upstream)
@@ -133931,8 +133931,8 @@ CVE-2023-22926
CVE-2023-22925
RESERVED
CVE-2023-22656 (Out-of-bounds read in Intel(R) Media SDK and some Intel(R)
oneVPL soft ...)
- - intel-mediasdk <unfixed>
- - onevpl <unfixed>
+ - intel-mediasdk <unfixed> (bug #1082866)
+ - onevpl <unfixed> (bug #1082867)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html
CVE-2023-22433
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/285994e19fb2f1fedbceeeb18d0617f0d50f5059
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/285994e19fb2f1fedbceeeb18d0617f0d50f5059
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
