[Git][security-tracker-team/security-tracker][master] Add CVE-2023-24626/screen
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 8 10:41:13 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0a68ee24 by Salvatore Bonaccorso at 2023-04-08T11:40:45+02:00
Add CVE-2023-24626/screen
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16244,7 +16244,10 @@ CVE-2023-24628
CVE-2023-24627
RESERVED
CVE-2023-24626 (socket.c in GNU Screen through 4.9.0, when installed setuid or setgid ...)
- TODO: check
+ - screen <unfixed> (unimportant)
+ NOTE: https://savannah.gnu.org/bugs/?63195 (private)
+ NOTE: https://git.savannah.gnu.org/cgit/screen.git/commit/?id=e9ad41bfedb4537a6f0de20f00b27c7739f168f7
+ NOTE: screen in Debian not installed setuid or setgid
CVE-2023-24625 (Faveo 5.0.1 allows remote attackers to obtain sensitive information vi ...)
NOT-FOR-US: Faveo
CVE-2023-24624
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a68ee24c98c2df118b4031705f718f5ca4fc460
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a68ee24c98c2df118b4031705f718f5ca4fc460
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230408/1f65a44a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list