[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39511/cacti via unstable

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c2f00a61 by Salvatore Bonaccorso at 2023-09-07T06:45:17+02:00 Track fixed version for CVE-2023-39511/cacti via unstable - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-24626/screen

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 324828f4 by Salvatore Bonaccorso at 2023-09-07T06:42:47+02:00 Track fixed version via unstable for CVE-2023-24626/screen - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for cacti issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 008c26e8 by Salvatore Bonaccorso at 2023-09-07T06:41:46+02:00 Track fixed version via unstable for cacti issues - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] LTS: claim libraw in dla-needed.txt

/dla-needed.txt = @@ -100,7 +100,7 @@ imagemagick NOTE: 20230622: Added by Front-Desk (Beuc) NOTE: 20230622: Requested by maintainer (rouca) to tidy remaining open CVEs (Beuc/front-desk) -- -libraw +libraw (guilhem) NOTE: 20230906: Added by Front-Desk

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-39511/cacti

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ed442a63 by Salvatore Bonaccorso at 2023-09-06T23:23:13+02:00 Add CVE-2023-39511/cacti - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 38a1a571 by Salvatore Bonaccorso at 2023-09-06T23:22:44+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Adjust unstable version for CVE-2023-1989

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 17bfa234 by Salvatore Bonaccorso at 2023-09-06T23:10:10+02:00 Adjust unstable version for CVE-2023-1989 Link:

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4622/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 6d227679 by Salvatore Bonaccorso at 2023-09-06T23:04:13+02:00 Add CVE-2023-4622/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4623/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8fd767a5 by Salvatore Bonaccorso at 2023-09-06T22:54:14+02:00 Add CVE-2023-4623/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Mark for now CVE-2023-4244 as duplicate (both CNAs contacted)

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c3cd4ce7 by Salvatore Bonaccorso at 2023-09-06T22:50:11+02:00 Mark for now CVE-2023-4244 as duplicate (both CNAs contacted) - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4208/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ec7552dc by Salvatore Bonaccorso at 2023-09-06T22:37:03+02:00 Add CVE-2023-4208/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4207/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 64d4b068 by Salvatore Bonaccorso at 2023-09-06T22:32:56+02:00 Add CVE-2023-4207/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4206/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c5c86f0d by Salvatore Bonaccorso at 2023-09-06T22:29:13+02:00 Add CVE-2023-4206/linux - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] add librsvg reference

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 282b5501 by Moritz Muehlenhoff at 2023-09-06T22:26:03+02:00 add librsvg reference - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bb63b3e5 by Salvatore Bonaccorso at 2023-09-06T22:21:09+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 76a72507 by Salvatore Bonaccorso at 2023-09-06T22:14:21+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f471ae6b by security tracker role at 2023-09-06T20:12:28+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5a4df7f6 by Salvatore Bonaccorso at 2023-09-06T22:02:42+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-41909/frr

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a90ebd11 by Salvatore Bonaccorso at 2023-09-06T21:57:09+02:00 Add CVE-2023-41909/frr - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-41910/lldpd

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f3be3ee1 by Salvatore Bonaccorso at 2023-09-06T21:51:02+02:00 Add CVE-2023-41910/lldpd - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4540/lua-http

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a5307dca by Salvatore Bonaccorso at 2023-09-06T21:48:52+02:00 Add CVE-2023-4540/lua-http - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add note re. CVE-2020-18839/poppler.

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: 391e00f3 by Chris Lamb at 2023-09-06T12:02:46-07:00 Add note re. CVE-2020-18839/poppler. - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for libraw.

-needed.txt = @@ -102,6 +102,7 @@ imagemagick -- libraw NOTE: 20230906: Added by Front-Desk (lamby) + NOTE: 20230906: Patch for CVE-2023-39615 does not apply cleanly; manually apply to line 21278 of dcraw/dcraw.c? (lamby) -- libreswan (Markus Koschany

[Git][security-tracker-team/security-tracker][master] 5 commits: data/dla-needed.txt: Triage memcached for buster LTS (CVE-2022-48571)

NOTE: 20230622: Added by Front-Desk (Beuc) NOTE: 20230622: Requested by maintainer (rouca) to tidy remaining open CVEs (Beuc/front-desk) -- +libraw + NOTE: 20230906: Added by Front-Desk (lamby) +-- libreswan (Markus Koschany) NOTE: 20230817: Added by Front-Desk (ta) -- @@ -109,6 +112,10

[Git][security-tracker-team/security-tracker][master] Triage CVE-2020-22570 in memcached for buster LTS.

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: 447f0bef by Chris Lamb at 2023-09-06T11:24:09-07:00 Triage CVE-2020-22570 in memcached for buster LTS. - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-40587 in python-pyramid for buster LTS.

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: 2eccad7b by Chris Lamb at 2023-09-06T11:22:12-07:00 Triage CVE-2023-40587 in python-pyramid for buster LTS. - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] 5 commits: Triage CVE-2022-26592 & CVE-2022-43357 in libsass for buster LTS.

= data/dla-needed.txt = @@ -57,6 +57,9 @@ dogecoin elfutils (Thorsten Alteholz) NOTE: 20230903: Added by Front-Desk (gladk) -- +exiv2 + NOTE: 20230906: Added by Front-Desk (lamby) +-- file (Thorsten Alteholz) NOTE: 20230901: Added

[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage cacti for buster LTS (CVE-2023-30534)

: 20230906: Added by Front-Desk (lamby) +-- cairosvg NOTE: 20230323: Added by Front-Desk (gladk) NOTE: 20230411: Proposed solution for CVE-2023-27586 in Buster to backport the --unsafe switch, introduced in 1.0.21, might work (dleidert/inactive) View it on GitLab: https://salsa.debian.org

[Git][security-tracker-team/security-tracker][master] cairo fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 430b3849 by Moritz Muehlenhoff at 2023-09-06T15:45:25+02:00 cairo fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0c561c6a by Moritz Muehlenhoff at 2023-09-06T14:53:24+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] open-vm-tools fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 42695357 by Moritz Muehlenhoff at 2023-09-06T12:45:48+02:00 open-vm-tools fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 912fe749 by Moritz Muehlenhoff at 2023-09-06T12:42:52+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 75ddbc45 by Moritz Muehlenhoff at 2023-09-06T11:29:19+02:00 bullseye/bookworm triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 194625a2 by Salvatore Bonaccorso at 2023-09-06T11:13:41+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 58e8c7d9 by Salvatore Bonaccorso at 2023-09-06T10:27:48+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 440399be by security tracker role at 2023-09-06T08:17:51+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] NFU

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e99e4462 by Moritz Muehlenhoff at 2023-09-06T08:56:10+02:00 NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-3592/mosquitto

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0c6657b8 by Salvatore Bonaccorso at 2023-09-06T08:54:43+02:00 Reference upstream commit for CVE-2023-3592/mosquitto - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add three new mosquitto CVEs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 24e72c07 by Salvatore Bonaccorso at 2023-09-06T08:48:18+02:00 Add three new mosquitto CVEs - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-2089{7,8}/salt

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 328ce24d by Salvatore Bonaccorso at 2023-09-06T08:18:42+02:00 Add CVE-2023-2089{7,8}/salt - - - - - 1 changed file: - data/CVE/list Changes: =