[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-28144/hotspot

Tue, 03 Mar 2026 23:42:45 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c5a82713 by Salvatore Bonaccorso at 2026-03-04T08:40:17+01:00
Update status for CVE-2023-28144/hotspot

Consider the commit introducing the opt-in for temporary privilege
escalation as the "fixing commit". Update status for unstable, with the
first version including the change.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -296402,14 +296402,14 @@ CVE-2023-28146
 CVE-2023-28145
        RESERVED
 CVE-2023-28144 (KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default 
configura ...)
-       - hotspot <unfixed> (bug #1033848)
+       - hotspot 1.6.0-0.1 (bug #1033848)
        [bookworm] - hotspot <no-dsa> (Minor issue)
        [bullseye] - hotspot <no-dsa> (Minor issue)
        [buster] - hotspot <not-affected> (Vulnerable code not present, 
introduced in 1.3.0)
        NOTE: https://www.openwall.com/lists/oss-security/2023/03/14/8
        NOTE: Introduced by: 
https://github.com/KDAB/hotspot/commit/3b4682565f0e53f903f3ad0f3f2c0f236d382efb 
(v1.3.0)
        NOTE: Opt-In to allow privilege escalation (and disable by default):
-       NOTE: 
https://github.com/KDAB/hotspot/commit/65a246ce9196462081483fd07d97678dcfe36b9c
+       NOTE: 
https://github.com/KDAB/hotspot/commit/65a246ce9196462081483fd07d97678dcfe36b9c 
(v1.5.0)
 CVE-2023-1356 (Reflected cross-site scripting in the StudentSearch component 
in IDAtt ...)
        NOT-FOR-US: IDAttend's IDWeb application
 CVE-2023-1355 (NULL Pointer Dereference in GitHub repository vim/vim prior to 
9.0.140 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5a827135004575c710f9ac243a789d895c0eb40

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5a827135004575c710f9ac243a789d895c0eb40
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to