Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2d45a939 by Thorsten Alteholz at 2023-10-12T23:25:19+02:00 mark CVE-2023-38473 CVE-2023-38472 CVE-2023-38471 CVE-2023-38470 CVE-2023-38469 as postponed minor issue for Buster - - - - - 3cfa0e18 by Thorsten Alteholz at 2023-10-12T23:31:27+02:00 mark CVE-2023-43643 as no-dsa for Buster - - - - - 3a46a423 by Thorsten Alteholz at 2023-10-12T23:35:33+02:00 mark CVE-2023-3430 as no-dsa for Buster - - - - - 3f7ebff2 by Thorsten Alteholz at 2023-10-12T23:40:05+02:00 mark CVE-2023-42822 as no-dsa for Buster - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1061,6 +1061,7 @@ CVE-2023-43643 (AntiSamy is a library for performing fast, configurable cleansin - libowasp-antisamy-java <unfixed> [bookworm] - libowasp-antisamy-java <no-dsa> (Minor issue) [bullseye] - libowasp-antisamy-java <no-dsa> (Minor issue) + [buster] - libowasp-antisamy-java <no-dsa> (Minor issue) NOTE: https://github.com/nahsra/antisamy/security/advisories/GHSA-pcf2-gh6g-h5r2 NOTE: https://github.com/nahsra/antisamy/commit/05c52b98bb845b8175b8406bd2f391ce334a05d6 (v1.7.4) CVE-2023-42455 (Wazuh is a security detection, visibility, and compliance open source ...) @@ -1445,6 +1446,7 @@ CVE-2023-3430 - openimageio 2.4.13.0+dfsg-1 [bookworm] - openimageio <no-dsa> (Minor issue) [bullseye] - openimageio <no-dsa> (Minor issue) + [buster] - openimageio <no-dsa> (Minor issue) NOTE: https://github.com/OpenImageIO/oiio/issues/3840 NOTE: https://github.com/AcademySoftwareFoundation/OpenImageIO/pull/3841 NOTE: https://github.com/OpenImageIO/oiio/commit/5ff2c56dd28e96f67ed8f80d8a3d1235e51f9957 (v2.4.12.0) @@ -1452,24 +1454,28 @@ CVE-2023-38473 - avahi <unfixed> [bookworm] - avahi <no-dsa> (Minor issue) [bullseye] - avahi <no-dsa> (Minor issue) + [buster] - avahi <postponed> (Minor issue; re-evaluate when fixed upstream) NOTE: https://github.com/lathiat/avahi/issues/451 NOTE: https://www.openwall.com/lists/oss-security/2023/10/06/4 CVE-2023-38472 - avahi <unfixed> [bookworm] - avahi <no-dsa> (Minor issue) [bullseye] - avahi <no-dsa> (Minor issue) + [buster] - avahi <postponed> (Minor issue; re-evaluate when fixed upstream) NOTE: https://github.com/lathiat/avahi/issues/452 NOTE: https://www.openwall.com/lists/oss-security/2023/10/06/4 CVE-2023-38471 - avahi <unfixed> [bookworm] - avahi <no-dsa> (Minor issue) [bullseye] - avahi <no-dsa> (Minor issue) + [buster] - avahi <postponed> (Minor issue; re-evaluate when fixed upstream) NOTE: https://github.com/lathiat/avahi/issues/453 NOTE: https://www.openwall.com/lists/oss-security/2023/10/06/4 CVE-2023-38470 - avahi <unfixed> [bookworm] - avahi <no-dsa> (Minor issue) [bullseye] - avahi <no-dsa> (Minor issue) + [buster] - avahi <postponed> (Minor issue; re-evaluate when fixed upstream) NOTE: https://github.com/lathiat/avahi/issues/454 NOTE: https://github.com/lathiat/avahi/pull/457 NOTE: https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c @@ -2762,6 +2768,7 @@ CVE-2023-42822 (xrdp is an open source remote desktop protocol server. Access to - xrdp <unfixed> (bug #1053284) [bookworm] - xrdp <no-dsa> (Minor issue) [bullseye] - xrdp <no-dsa> (Minor issue) + [buster] - xrdp <no-dsa> (Minor issue) NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-2hjx-rm4f-r9hw NOTE: https://github.com/neutrinolabs/xrdp/commit/73acbe1f7957c65122b00de4d6f57a8d0d257c40 CVE-2023-42657 (In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traver ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9f3250a15b606a2885c8c9a4832248fb2b5ca0c9...3f7ebff2301fccdae2bdc202e3767c221f4e3388 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9f3250a15b606a2885c8c9a4832248fb2b5ca0c9...3f7ebff2301fccdae2bdc202e3767c221f4e3388 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits