[Git][security-tracker-team/security-tracker][master] Add reference to oss-security post for CVE-2023-20569

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ede0872c by Salvatore Bonaccorso at 2023-08-09T07:58:32+02:00 Add reference to oss-security post for CVE-2023-20569 - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-3750/libvirt via unstable

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2d3ae82d by Salvatore Bonaccorso at 2023-08-09T05:48:03+02:00 Track fixed version for CVE-2023-3750/libvirt via unstable - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2022-40982

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
/content/www/us/en/security-center/advisory/intel-sa-00828.html NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808 + NOTE: https://downfall.page/ CVE-2022-40971 (Incorrect default permissions for the Intel(R) HDMI Firmware Update

[Git][security-tracker-team/security-tracker][master] Add intel-microcode to dsa-needed list

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7d0ddd4f by Salvatore Bonaccorso at 2023-08-09T05:38:04+02:00 Add intel-microcode to dsa-needed list - - - - - 1 changed file: - data/dsa-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode via unstable

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
/www/us/en/security-center/advisory/intel-sa-00836.html NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808 CVE-2023-23580 (Stack-based buffer overflow for some Intel(R) Trace Analyzer and Colle ...) @@ -61730,7 +61730,7 @@ CVE-2022

[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-30590/nodejs for buster.

2023-08-08 Thread Guilhem Moulin (@guilhem)
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker Commits: 62859eb0 by Guilhem Moulin at 2023-08-08T23:00:29+02:00 Triage CVE-2023-30590/nodejs for buster. This alone doesn't warrant a DLA: “These design issues in this old API have been around for many

[Git][security-tracker-team/security-tracker][master] orthanc DSA

2023-08-08 Thread Moritz Muehlenhoff (@jmm)
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: dbdf715c by Moritz Mühlenhoff at 2023-08-08T22:46:18+02:00 orthanc DSA - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Process some NFUs

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0e11cb08 by Salvatore Bonaccorso at 2023-08-08T22:31:11+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-21264/linux

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bd5111b0 by Salvatore Bonaccorso at 2023-08-08T22:26:03+02:00 Add CVE-2023-21264/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Process some NFUs

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2e9545e5 by Salvatore Bonaccorso at 2023-08-08T22:16:31+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 200a1cd6 by security tracker role at 2023-08-08T20:12:28+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Fix copy paste error for amd64-microcode version for bullseye

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c3cdab62 by Salvatore Bonaccorso at 2023-08-08T21:40:03+02:00 Fix copy paste error for amd64-microcode version for bullseye - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Track fixes via unstable for two linux issues

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 35b7fe72 by Salvatore Bonaccorso at 2023-08-08T21:38:52+02:00 Track fixes via unstable for two linux issues - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for intel-microcode CVEs

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
/advisory/intel-sa-00836.html NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808 CVE-2023-23580 (Stack-based buffer overflow for some Intel(R) Trace Analyzer and Colle ...) @@ -61395,7 +61395,7 @@ CVE-2022-41815 RESERVED CVE-2022

[Git][security-tracker-team/security-tracker][master] dla: add rar and unrar-nonfree

2023-08-08 Thread Sylvain Beucler (@beuc)
-needed.txt = @@ -150,6 +150,11 @@ rails NOTE: 20221024: to break thrice in less than 2 month. NOTE: 20230131: Utkarsh to start a thread with sec+ruby team with the possible path forward. (utkarsh) -- +rar + NOTE: 20230808: Added by Front-Desk (Beuc

[Git][security-tracker-team/security-tracker][master] cjose DSA

2023-08-08 Thread Moritz Muehlenhoff (@jmm)
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c9183602 by Moritz Mühlenhoff at 2023-08-08T21:10:55+02:00 cjose DSA - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add information on intel-microcode CVEs

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808 CVE-2023-23580 (Stack-based buffer overflow for some Intel(R) Trace Analyzer and Colle ...) NOT-FOR-US: Intel CVE-2023-23577 @@ -61392,6 +61395,9 @@ CVE-2022-41815 RESERVED CVE-2022-41804

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-34319/linux

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 622a2e08 by Salvatore Bonaccorso at 2023-08-08T20:50:25+02:00 Add CVE-2023-34319/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] 2 commits: Old llhttp parser issues: Add links to PoCs.

2023-08-08 Thread Guilhem Moulin (@guilhem)
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker Commits: 49de627d by Guilhem Moulin at 2023-08-08T20:27:45+02:00 Old llhttp parser issues: Add links to PoCs. These issues are about llhttp, which nodejs embeds since 12.x, but llhttp is merely a “port of

[Git][security-tracker-team/security-tracker][master] Add clarifying note about microcode update and Zen3 vs. Zen4 inclusions

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d2669d89 by Salvatore Bonaccorso at 2023-08-08T19:53:15+02:00 Add clarifying note about microcode update and Zen3 vs. Zen4 inclusions - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2023-20569

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f01e493e by Salvatore Bonaccorso at 2023-08-08T19:23:35+02:00 Add reference for CVE-2023-20569 - - - - - 41f0a901 by Salvatore Bonaccorso at 2023-08-08T19:24:43+02:00 Add references for

[Git][security-tracker-team/security-tracker][master] CVE-2023-3896/vim: patches, affected versions, buster not-affected

2023-08-08 Thread Sylvain Beucler (@beuc)
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker Commits: fda70de4 by Sylvain Beucler at 2023-08-08T19:13:07+02:00 CVE-2023-3896/vim: patches, affected versions, buster not-affected - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add CVE-2022-40982 for "Gather Data Sampling (GDS)"

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0d5e7892 by Salvatore Bonaccorso at 2023-08-08T19:07:36+02:00 Add CVE-2022-40982 for Gather Data Sampling (GDS) - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-20569 for "Speculative Return Stack Overflow (SRSO)"

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e51275f4 by Salvatore Bonaccorso at 2023-08-08T19:05:41+02:00 Add CVE-2023-20569 for Speculative Return Stack Overflow (SRSO) - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] dla: add ruby-rmagick

2023-08-08 Thread Sylvain Beucler (@beuc)
-needed.txt = @@ -165,6 +165,9 @@ ruby-rails-html-sanitizer NOTE: 20221231: Added by Front-Desk (ola) NOTE: 20230303: this cannot be fixed unless ruby-loofah is fixed with appropriate methods. (utkarsh) -- +ruby-rmagick (rouca) + NOTE: 20230808: Added by Front

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-39978/imagemagick

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d49df14a by Salvatore Bonaccorso at 2023-08-08T17:33:47+02:00 Add CVE-2023-39978/imagemagick - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Update already the status for CVE-2023-39977

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1e3f341b by Salvatore Bonaccorso at 2023-08-08T17:27:40+02:00 Update already the status for CVE-2023-39977 Verified it is rejected and will be marked as such in next update. It was a duplicate

[Git][security-tracker-team/security-tracker][master] Process some NFUs

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 962ea749 by Salvatore Bonaccorso at 2023-08-08T17:26:23+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Retake imagemagick

2023-08-08 Thread @rouca
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker Commits: 6a4f2540 by Bastien Roucariès at 2023-08-08T14:43:47+00:00 Retake imagemagick - - - - - 1 changed file: - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] CVE-2023-30589/nodejs: Add links to report and upstream fix.

2023-08-08 Thread Guilhem Moulin (@guilhem)
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker Commits: 04187550 by Guilhem Moulin at 2023-08-08T14:49:55+02:00 CVE-2023-30589/nodejs: Add links to report and upstream fix. - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3521-1 for thunderbird

2023-08-08 Thread Emilio Pozuelo Monfort (@pochu)
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 7c787fee by Emilio Pozuelo Monfort at 2023-08-08T12:11:49+02:00 Reserve DLA-3521-1 for thunderbird - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] lts: take thunderbird

2023-08-08 Thread Emilio Pozuelo Monfort (@pochu)
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: b0fc32ad by Emilio Pozuelo Monfort at 2023-08-08T12:08:21+02:00 lts: take thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Process some NFUs

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ec80d5f3 by Salvatore Bonaccorso at 2023-08-08T10:44:35+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: dca61ea5 by security tracker role at 2023-08-08T08:12:22+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4155/linux

2023-08-08 Thread Salvatore Bonaccorso (@carnil)
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c5c2ef60 by Salvatore Bonaccorso at 2023-08-08T09:24:46+02:00 Add CVE-2023-4155/linux - - - - - 1 changed file: - data/CVE/list Changes: =