Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7652fab0 by Salvatore Bonaccorso at 2026-01-10T09:55:37+01:00
Update status for CVE-2023-46737/cosign
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -239360,7 +239360,9 @@ CVE-2023-47455 (Tenda AX1806 V1.0.0.1 contains a heap
overflow vulnerability in
CVE-2023-46744 (Squidex is an open source headless CMS and content management
hub. In ...)
NOT-FOR-US: Squidex
CVE-2023-46737 (Cosign is a sigstore signing tool for OCI containers. Cosign
is suscep ...)
- NOT-FOR-US: Cosign
+ - cosign <not-affected> (Fixed before initial upload to archive)
+ NOTE:
https://github.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9
+ NOTE: Fixed by:
https://github.com/sigstore/cosign/commit/8ac891ff0e29ddc67965423bee8f826219c6eb0f
(v2.2.1)
CVE-2023-46730 (Group-Office is an enterprise CRM and groupware tool. In
affected vers ...)
NOT-FOR-US: Group-Office CRM
CVE-2023-46501 (An issue in BoltWire v.6.03 allows a remote attacker to obtain
sensiti ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7652fab0ae94514f3c90dfe66ff21a8d6833e77c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7652fab0ae94514f3c90dfe66ff21a8d6833e77c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
