[Git][security-tracker-team/security-tracker][master] Track fixed version for linux CVEs fixed via unstable upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 8 16:45:22 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b4dd8b6 by Salvatore Bonaccorso at 2023-04-08T17:44:27+02:00
Track fixed version for linux CVEs fixed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2599,7 +2599,7 @@ CVE-2023-1857 (A vulnerability was found in SourceCodester Online Computer and L
 CVE-2023-1856 (A vulnerability has been found in SourceCodester Air Cargo Management  ...)
 	NOT-FOR-US: SourceCodester Air Cargo Management System
 CVE-2023-1855 (A use-after-free flaw was found in xgene_hwmon_remove in drivers/hwmon ...)
-	- linux <unfixed>
+	- linux 6.1.20-2
 	NOTE: https://git.kernel.org/linus/cb090e64cf25602b9adaf32d5dfc9c8bec493cd1 (6.3-rc3)
 CVE-2023-1854 (A vulnerability, which was classified as problematic, was found in Sou ...)
 	NOT-FOR-US: SourceCodester Online Graduate Tracer System
@@ -3703,7 +3703,7 @@ CVE-2023-1672
 CVE-2023-1671 (A pre-auth command injection vulnerability in the warn-proceed handler ...)
 	NOT-FOR-US: Sophos
 CVE-2023-1670 (A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-car ...)
-	- linux <unfixed>
+	- linux 6.1.20-2
 	NOTE: https://git.kernel.org/linus/e8d20c3ded59a092532513c9bd030d1ea66f5f44
 CVE-2023-1669
 	RESERVED
@@ -3918,7 +3918,7 @@ CVE-2023-28868
 CVE-2023-28867 (In GraphQL Java (aka graphql-java) before 20.1, an attacker can send a ...)
 	NOT-FOR-US: graphql-java
 CVE-2023-28866 (In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out ...)
-	- linux <unfixed>
+	- linux 6.1.20-2
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 CVE-2023-28865
@@ -30443,7 +30443,7 @@ CVE-2022-4271 (Cross-site Scripting (XSS) - Reflected in GitHub repository ostic
 CVE-2022-4270 (Incorrect privilege assignment issue in M-Files Web in M-Files Web ver ...)
 	NOT-FOR-US: M-Files Web
 CVE-2022-4269 (A flaw was found in the Linux kernel Traffic Control (TC) subsystem. U ...)
-	- linux <unfixed>
+	- linux 6.1.20-2
 	NOTE: https://lore.kernel.org/netdev/33dc43f587ec1388ba456b4915c75f02a8aae226.1663945716.git.dcaratti@redhat.com/
 CVE-2022-4268 (The Plugin Logic WordPress plugin before 1.0.8 does not sanitise and e ...)
 	NOT-FOR-US: WordPress plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b4dd8b6107e4d42d6d58af7abcbf68af243d23e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b4dd8b6107e4d42d6d58af7abcbf68af243d23e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230408/106d306b/attachment.htm>

More information about the debian-security-tracker-commits mailing list