[Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2023-36675 as not-affected for Buster

: 20230111: perma-added for LTS package-specific delegation (bwh) -- +mediawiki + NOTE: 20230701: Added by Front-Desk (ta) +-- nova NOTE: 20230302: Re-add, request by maintainer (Beuc) NOTE: 20230302: zigo says that DLA 3302-1 ships a buster-specific CVE-2022-47951 backport that introduces

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-33201/bouncycastle

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e8710c44 by Salvatore Bonaccorso at 2023-07-01T21:08:24+02:00 Add Debian bug reference for CVE-2023-33201/bouncycastle - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add two new gradle CVEs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7dd03cd2 by Salvatore Bonaccorso at 2023-07-01T21:07:30+02:00 Add two new gradle CVEs - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Track fixed version for two linux CVEs via unstable

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4857a006 by Salvatore Bonaccorso at 2023-07-01T20:32:17+02:00 Track fixed version for two linux CVEs via unstable - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] texlive-bin fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 143de8c1 by Moritz Muehlenhoff at 2023-07-01T20:17:08+02:00 texlive-bin fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] gst-plugins-bad fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c64470a6 by Moritz Muehlenhoff at 2023-07-01T20:16:10+02:00 gst-plugins-bad fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] mediawiki fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a624e0ab by Moritz Muehlenhoff at 2023-07-01T20:13:52+02:00 mediawiki fixed in sid - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] cairo fixed in experimental

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d0a7148d by Moritz Muehlenhoff at 2023-07-01T20:08:43+02:00 cairo fixed in experimental - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 2bb979d0 by Moritz Muehlenhoff at 2023-07-01T20:04:32+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] mark CVE-2020-8908 and CVE-2023-2976 as no-dsa for Buster

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: 3ecc7e8a by Thorsten Alteholz at 2023-07-01T19:52:53+02:00 mark CVE-2020-8908 and CVE-2023-2976 as no-dsa for Buster - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] mark CVE-2022-2309 as no-dsa for Buster

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: 3aeaa1e9 by Thorsten Alteholz at 2023-07-01T19:36:46+02:00 mark CVE-2022-2309 as no-dsa for Buster - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] mark CVE-2023-33460 as postponed until newer releases got a fix

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: 2d10a159 by Thorsten Alteholz at 2023-07-01T19:30:45+02:00 mark CVE-2023-33460 as postponed until newer releases got a fix - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] lts-do-call-me: move info from packages.yml LTS package database

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker Commits: 4c261f2a by Sylvain Beucler at 2023-07-01T16:54:20+02:00 lts-do-call-me: move info from packages.yml LTS package database - - - - - 1 changed file: - data/packages/lts-do-call-me Changes:

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ab6e2364 by Salvatore Bonaccorso at 2023-07-01T10:32:03+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Clarify with TODO that we think CVE-2023-3117 should be considered duplicate of CVE-2023-3390

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8d8528a2 by Salvatore Bonaccorso at 2023-07-01T10:31:16+02:00 Clarify with TODO that we think CVE-2023-3117 should be considered duplicate of CVE-2023-3390 - - - - - 1 changed file: -

[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 08b6501c by Salvatore Bonaccorso at 2023-07-01T10:28:12+02:00 Process several NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 01beab62 by security tracker role at 2023-07-01T08:12:15+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-33201/bouncycastle

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f6fd3d81 by Salvatore Bonaccorso at 2023-07-01T08:53:29+02:00 Add CVE-2023-33201/bouncycastle - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-3297/accountsservice

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ab34d5b9 by Salvatore Bonaccorso at 2023-07-01T08:50:59+02:00 Add CVE-2023-3297/accountsservice - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-2908/tiff

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: cc53f619 by Salvatore Bonaccorso at 2023-07-01T08:45:15+02:00 Add CVE-2023-2908/tiff - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Track proposed update for cdb-libs via bookworm-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 18050c98 by Salvatore Bonaccorso at 2023-07-01T08:38:30+02:00 Track proposed update for cdb-libs via bookworm-pu - - - - - 1 changed file: - data/next-point-update.txt Changes:

[Git][security-tracker-team/security-tracker][master] Sync two linux CVEs with kernel-sec

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 59a95a41 by Salvatore Bonaccorso at 2023-07-01T08:34:52+02:00 Sync two linux CVEs with kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: =