Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9883cbe5 by Thorsten Alteholz at 2023-12-24T01:04:13+01:00 mark CVE-2023-48795 as no-dsa for proftpd-dfsg in Buster - - - - - dc1a125e by Thorsten Alteholz at 2023-12-24T01:04:15+01:00 mark CVE-2023-48795 as no-dsa for erlang in Buster - - - - - fe68ad6c by Thorsten Alteholz at 2023-12-24T01:04:16+01:00 mark CVE-2023-51704 as postponed - - - - - f90c2ea0 by Thorsten Alteholz at 2023-12-24T01:04:18+01:00 mark temporary entry as no-dsa for spip in Buster - - - - - e6a8ae29 by Thorsten Alteholz at 2023-12-24T01:04:20+01:00 mark CVE-2023-4255 as no-dsa for Buster - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -179,6 +179,7 @@ CVE-2023-XXXX [XSS issue fixed in 4.1.13 upstream] - spip 4.1.13+dfsg-1 (bug #1059331) [bookworm] - spip <no-dsa> (Minor issue) [bullseye] - spip <no-dsa> (Minor issue) + [buster] - spip <no-dsa> (Minor issue) CVE-2023-7059 (A vulnerability was found in SourceCodester School Visitor Log e-Book ...) NOT-FOR-US: SourceCodester School Visitor Log e-Book CVE-2023-7058 (A vulnerability was found in SourceCodester Simple Student Attendance ...) @@ -224,6 +225,7 @@ CVE-2023-51704 (An issue was discovered in MediaWiki before 1.35.14, 1.36.x thro - mediawiki <unfixed> [bookworm] - mediawiki <postponed> (Minor issue, fix along in next update) [bullseye] - mediawiki <postponed> (Minor issue, fix along in next update) + [buster] - mediawiki <postponed> (Minor issue, fix along in next update) NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitec...@lists.wikimedia.org/thread/TDBUBCCOQJUT4SCHJNPHKQNPBUUETY52/ NOTE: https://phabricator.wikimedia.org/T347726 CVE-2023-51380 (An incorrect authorization vulnerability was identified in GitHub Ente ...) @@ -415,6 +417,7 @@ CVE-2023-4256 (Within tcpreplay's tcprewrite, a double free vulnerability has be NOTE: Crash in CLI tool, no security impact CVE-2023-4255 (An out-of-bounds write issue has been discovered in the backspace hand ...) - w3m <unfixed> (bug #1059265) + [buster] - w3m <no-dsa> (Minor issue) NOTE: https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 NOTE: https://github.com/tats/w3m/issues/268 NOTE: https://github.com/tats/w3m/pull/273 @@ -1228,6 +1231,7 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun - erlang 1:25.3.2.8+dfsg-1 (bug #1059002) [bookworm] - erlang <no-dsa> (Minor issue) [bullseye] - erlang <no-dsa> (Minor issue) + [buster] - erlang <no-dsa> (Minor issue) - filezilla 3.66.4-1 - golang-go.crypto <unfixed> (bug #1059003) - jsch <not-affected> (ChaCha20-Poly1305 support introduced in 0.1.61; *-EtM support introduced in 0.1.58) @@ -1241,6 +1245,7 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun - proftpd-dfsg 1.3.8.b+dfsg-1 (bug #1059144) [bookworm] - proftpd-dfsg <no-dsa> (Minor issue) [bullseye] - proftpd-dfsg <no-dsa> (Minor issue) + [buster] - proftpd-dfsg <no-dsa> (Minor issue) - proftpd-mod-proxy 0.9.3-1 (bug #1059290) [bookworm] - proftpd-mod-proxy <no-dsa> (Minor issue) [bullseye] - proftpd-mod-proxy <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e4968a1025a798e289cbd35cb50cd7267fe92f09...e6a8ae29b8ddd7e6187c4f307ce8c56f376d6b4c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e4968a1025a798e289cbd35cb50cd7267fe92f09...e6a8ae29b8ddd7e6187c4f307ce8c56f376d6b4c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits