[Git][security-tracker-team/security-tracker][master] Add CVE-2023-2941{5,6,,7}/bzip3
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 6 09:58:11 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3a28eec by Salvatore Bonaccorso at 2023-04-06T10:57:37+02:00
Add CVE-2023-2941{5,6,,7}/bzip3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19,11 +19,16 @@ CVE-2023-29418 (An issue was discovered in libbzip3.a in bzip3 before 1.2.3. The
NOTE: https://github.com/kspalaiologos/bzip3/commit/aae16d107f804f69000c09cd92027a140968cc9d (1.2.3)
NOTE: https://github.com/kspalaiologos/bzip3/issues/92
CVE-2023-29417 (** DISPUTED ** An issue was discovered in libbzip3.a in bzip3 1.2.2. T ...)
- TODO: check
+ - bzip3 <unfixed> (unimportant)
+ NOTE: https://github.com/kspalaiologos/bzip3/issues/97
+ NOTE: Issue between library and example code not correctly using the API
CVE-2023-29416 (An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_dec ...)
- TODO: check
+ - bzip3 <unfixed>
+ NOTE: https://github.com/kspalaiologos/bzip3/commit/bfa5bf82b53715dfedf048e5859a46cf248668ff (1.3.0)
+ NOTE: https://github.com/kspalaiologos/bzip3/issues/92
CVE-2023-29415 (An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial ...)
- TODO: check
+ - bzip3 <unfixed>
+ NOTE: https://github.com/kspalaiologos/bzip3/issues/95
CVE-2023-29414
RESERVED
CVE-2023-29413
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3a28eec6692b4a00116ee35749c1285e83cf5e4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3a28eec6692b4a00116ee35749c1285e83cf5e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230406/2edba759/attachment.htm>
More information about the debian-security-tracker-commits
mailing list