Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: d6cb1cf6 by Chris Lamb at 2023-03-30T09:52:15+01:00 Triage CVE-2023-28862 in lemonldap-ng for buster LTS. - - - - - f5af24b3 by Chris Lamb at 2023-03-30T09:52:49+01:00 Triage CVE-2023-0464, CVE-2023-0465 & CVE-2023-0466 in openssl for buster LTS. - - - - - 5229c1d3 by Chris Lamb at 2023-03-30T09:53:12+01:00 Triage CVE-2023-25809 in runc for buster LTS. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -528,6 +528,7 @@ CVE-2023-28862 RESERVED - lemonldap-ng 2.16.1+ds-1 [bullseye] - lemonldap-ng <no-dsa> (Minor issue) + [buster] - lemonldap-ng <no-dsa> (Minor issue) CVE-2023-28861 RESERVED CVE-2023-28860 @@ -9350,6 +9351,7 @@ CVE-2023-25810 (Uptime Kuma is a self-hosted monitoring tool. In versions prior CVE-2023-25809 (runc is a CLI tool for spawning and running containers according to th ...) - runc 1.1.5+ds1-1 [bullseye] - runc <no-dsa> (Minor issue) + [buster] - runc <no-dsa> (Minor issue) NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc NOTE: https://github.com/opencontainers/runc/commit/0e6b818a2b0d24fdb6697614e5c5f115bbe8e3a5 (v1.1.5) CVE-2023-25808 @@ -13436,18 +13438,21 @@ CVE-2023-0467 (The WP Dark Mode WordPress plugin before 4.0.8 does not properly CVE-2023-0466 (The function X509_VERIFY_PARAM_add0_policy() is documented to implicit ...) - openssl <unfixed> [bullseye] - openssl <no-dsa> (Minor issue) + [buster] - openssl <no-dsa> (Minor issue) NOTE: https://www.openssl.org/news/secadv/20230328.txt NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=51e8a84ce742db0f6c70510d0159dad8f7825908 (openssl-3.0) NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a (OpenSSL_1_1_1-stable) CVE-2023-0465 (Applications that use a non-default option when verifying certificates ...) - openssl <unfixed> [bullseye] - openssl <no-dsa> (Minor issue) + [buster] - openssl <no-dsa> (Minor issue) NOTE: https://www.openssl.org/news/secadv/20230328.txt NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1dd43e0709fece299b15208f36cc7c76209ba0bb (openssl-3.0) NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b013765abfa80036dc779dd0e50602c57bb3bf95 (OpenSSL_1_1_1-stable) CVE-2023-0464 (A security vulnerability has been identified in all supported versions ...) - openssl <unfixed> [bullseye] - openssl <no-dsa> (Minor issue) + [buster] - openssl <no-dsa> (Minor issue) NOTE: https://www.openssl.org/news/secadv/20230322.txt NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1 (openssl-3.0) NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b (OpenSSL_1_1_1-stable) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/55b6436d73fc06e6f6fb747b9d5c10adbd37f6df...5229c1d32501fd0cc33b60fb84d306135ad867e4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/55b6436d73fc06e6f6fb747b9d5c10adbd37f6df...5229c1d32501fd0cc33b60fb84d306135ad867e4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits