[Git][security-tracker-team/security-tracker][master] Document more fixing commits for exim4 DLA-3938-1

Mon, 28 Oct 2024 17:00:55 -0700 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7ee1ea48 by Markus Koschany at 2024-10-29T00:59:44+01:00
Document more fixing commits for exim4 DLA-3938-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -98194,6 +98194,7 @@ CVE-2023-42119 (Exim dnsdb Out-Of-Bounds Read 
Information Disclosure Vulnerabili
        NOTE: https://www.openwall.com/lists/oss-security/2023/09/29/5
        NOTE: https://www.openwall.com/lists/oss-security/2023/10/01/4
        NOTE: https://exim.org/static/doc/security/CVE-2023-zdi.txt
+       NOTE: Fixed by https://git.exim.org/exim.git/commitdiff/f6b1f8e7d642
 CVE-2023-42118 (Exim libspf2 Integer Underflow Remote Code Execution 
Vulnerability. Th ...)
        - libspf2 <unfixed> (bug #1053870)
        [bookworm] - libspf2 <postponed> (Revisit once upstream and ZDI status 
is clarfied)
@@ -98221,6 +98222,8 @@ CVE-2023-42117 (Exim Improper Neutralization of Special 
Elements Remote Code Exe
        NOTE: https://www.openwall.com/lists/oss-security/2023/09/29/5
        NOTE: https://www.openwall.com/lists/oss-security/2023/10/01/4
        NOTE: https://exim.org/static/doc/security/CVE-2023-zdi.txt
+       NOTE: Fixed by 
https://git.exim.org/exim.git/commit/a95acb1c19c2e3600ef327c71318e33316d34440
+       NOTE: Fixed by 
https://git.exim.org/exim.git/commit/654056e44fc93a0ee7c09d1228933e8af6862206
 CVE-2023-42116 (Exim SMTP Challenge Stack-based Buffer Overflow Remote Code 
Execution  ...)
        {DSA-5512-1 DLA-3599-1}
        - exim4 4.97~RC1-2
@@ -164520,6 +164523,10 @@ CVE-2022-3559 (A vulnerability was found in Exim and 
classified as problematic.
        [buster] - exim4 <no-dsa> (Minor issue)
        NOTE: https://bugs.exim.org/show_bug.cgi?id=2915
        NOTE: 
https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2
+       NOTE: Important follow-up fixes:
+       NOTE: 
https://git.exim.org/exim.git/commit/d8ecc7bf97934a1e2244788c610c958cacd740bd
+       NOTE: 
https://git.exim.org/exim.git/commit/158dff9936e36a2d31d037d3988b9353458d6471
+       NOTE: 
https://git.exim.org/exim.git/commit/32da6327e434e986a18b75a84f2d8c687ba14619
 CVE-2022-3558 (The Import and export users and customers WordPress plugin 
before 1.20 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-3557



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ee1ea484eb6843cb75830ffb868a1a977b46be2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ee1ea484eb6843cb75830ffb868a1a977b46be2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to