[Git][security-tracker-team/security-tracker][master] Add three more bzip3 issues: CVE-2023-294{18,19,20}

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Apr 6 09:38:13 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
58490eb5 by Salvatore Bonaccorso at 2023-04-06T10:37:47+02:00
Add three more bzip3 issues: CVE-2023-294{18,19,20}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,11 +4,20 @@ CVE-2023-29421 (An issue was discovered in libbzip3.a in bzip3 before 1.2.3. The
 	NOTE: https://github.com/kspalaiologos/bzip3/issues/94
 	NOTE: https://github.com/kspalaiologos/bzip3/commit/33b1951f153c3c5dc8ed736b9110437e1a619b7d (1.2.3)
 CVE-2023-29420 (An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is  ...)
-	TODO: check
+	[experimental] - bzip3 1.2.3-1
+	- bzip3 <unfixed>
+	NOTE: https://github.com/kspalaiologos/bzip3/commit/bb06deb85f1c249838eb938e0dab271d4194f8fa (1.2.3)
+	NOTE: https://github.com/kspalaiologos/bzip3/issues/92
 CVE-2023-29419 (An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is  ...)
-	TODO: check
+	[experimental] - bzip3 1.2.3-1
+	- bzip3 <unfixed>
+	NOTE: https://github.com/kspalaiologos/bzip3/commit/8ec8ce7d3d58bf42dabc47e4cc53aa27051bd602 (1.2.3)
+	NOTE: https://github.com/kspalaiologos/bzip3/issues/92
 CVE-2023-29418 (An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is  ...)
-	TODO: check
+	[experimental] - bzip3 1.2.3-1
+	- bzip3 <unfixed>
+	NOTE: https://github.com/kspalaiologos/bzip3/commit/aae16d107f804f69000c09cd92027a140968cc9d (1.2.3)
+	NOTE: https://github.com/kspalaiologos/bzip3/issues/92
 CVE-2023-29417 (** DISPUTED ** An issue was discovered in libbzip3.a in bzip3 1.2.2. T ...)
 	TODO: check
 CVE-2023-29416 (An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_dec ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58490eb52ce5299e608ff11bf99c9a0de97567a1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58490eb52ce5299e608ff11bf99c9a0de97567a1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230406/0d4e0005/attachment.htm>

More information about the debian-security-tracker-commits mailing list