[Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Adjust metadata on experimental version for CVE-2023-27476/owslib"

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 10 20:07:50 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5fca3c35 by Salvatore Bonaccorso at 2023-04-10T21:03:12+02:00
Revert "Adjust metadata on experimental version for CVE-2023-27476/owslib"

This reverts commit 71bb1652b165e50da945157cae1d13b2b4457f4f.

0.28.1 upstream fixed the issue as well, we had already correct metadata
on this CVE.

- - - - -
d7a3dada by Salvatore Bonaccorso at 2023-04-10T21:07:18+02:00
Add additional information for CVE-2023-27476

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8629,9 +8629,12 @@ CVE-2023-27478 (libmemcached-awesome is an open source C/C++ client library and
 CVE-2023-27477 (wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code ...)
 	NOT-FOR-US: wasmtime
 CVE-2023-27476 (OWSLib is a Python package for client programming with Open Geospatial ...)
-	[experimental] - owslib 0.29.0-1~exp1
+	[experimental] - owslib 0.28.1-1~exp1
 	- owslib <unfixed> (bug #1034182)
 	NOTE: https://github.com/geopython/OWSLib/commit/d91267303a695d69e73fa71efa100a035852a063 (0.29.0)
+	NOTE: https://github.com/geopython/OWSLib/commit/b0c687544ddc213d8dcd4a056139b63451938b21 (0.28.1)
+	NOTE: https://github.com/geopython/OWSLib/security/advisories/GHSA-8h9c-r582-mggc
+	NOTE: https://securitylab.github.com/advisories/GHSL-2022-131_OWSLib/
 CVE-2023-27475 (Goutil is a collection of miscellaneous functionality for the go langu ...)
 	NOT-FOR-US: Goutil
 CVE-2023-27474 (Directus is a real-time API and App dashboard for managing SQL databas ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c285049620a075835f61c3b4d4a004b17477522c...d7a3dada20be36b08a67ecc5014a51bfe743a205

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c285049620a075835f61c3b4d4a004b17477522c...d7a3dada20be36b08a67ecc5014a51bfe743a205
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230410/79a4127a/attachment.htm>

More information about the debian-security-tracker-commits mailing list