[Git][security-tracker-team/security-tracker][master] 4 commits: Marked mediawiki CVE-2023-29141 as no-dsa also for buster following decision for bullseye.
Ola Lundqvist (@opal)
opal at debian.org
Mon Apr 17 21:50:39 BST 2023
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0f3b8073 by Ola Lundqvist at 2023-04-17T22:43:17+02:00
Marked mediawiki CVE-2023-29141 as no-dsa also for buster following decision for bullseye.
- - - - -
b2f6a325 by Ola Lundqvist at 2023-04-17T22:47:18+02:00
Marked node-xml2js CVE-2023-0842 as no-dsa also for buster following decision for bullseye.
- - - - -
4579ff84 by Ola Lundqvist at 2023-04-17T22:49:03+02:00
Marked pdns-recursor CVE-2023-26437 as no-dsa also for buster following decision for bullseye.
- - - - -
adf349e8 by Ola Lundqvist at 2023-04-17T22:50:02+02:00
Marked python-future CVE-2022-40899 as no-dsa also for buster following decision for bullseye.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4361,6 +4361,7 @@ CVE-2023-29141 (An issue was discovered in MediaWiki before 1.35.10, 1.36.x thro
- mediawiki <unfixed>
[bookworm] - mediawiki <no-dsa> (Minor issue)
[bullseye] - mediawiki <no-dsa> (Minor issue)
+ [buster] - mediawiki <no-dsa> (Minor issue)
NOTE: https://gerrit.wikimedia.org/r/plugins/gitiles/mediawiki/core/+/REL1_39/RELEASE-NOTES-1.39
NOTE: https://phabricator.wikimedia.org/T285159
CVE-2023-29140 (An issue was discovered in the GrowthExperiments extension for MediaWi ...)
@@ -12558,6 +12559,7 @@ CVE-2023-26438
CVE-2023-26437 (Denial of service vulnerability in PowerDNS Recursor allows authoritat ...)
- pdns-recursor 4.8.4-1 (bug #1033941)
[bullseye] - pdns-recursor <no-dsa> (Minor issue)
+ [buster] - pdns-recursor <no-dsa> (Minor issue)
NOTE: https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2023-02.html
NOTE: https://github.com/PowerDNS/pdns/commit/94fccab63457f8327add3a8e1e2b7876234e4989 (rec-4.6.6)
NOTE: https://github.com/PowerDNS/pdns/commit/5174c955a5c320849e6fe12471b7fce1c31ca2a8 (rec-4.7.5)
@@ -14339,6 +14341,7 @@ CVE-2023-0843
CVE-2023-0842 (xml2js version 0.4.23 allows an external attacker to edit or add new p ...)
- node-xml2js <unfixed> (bug #1034148)
[bullseye] - node-xml2js <no-dsa> (Minor issue)
+ [buster] - node-xml2js <no-dsa> (Minor issue)
NOTE: https://fluidattacks.com/advisories/myers/
NOTE: https://github.com/Leonidas-from-XIV/node-xml2js/issues/663
NOTE: https://github.com/Leonidas-from-XIV/node-xml2js/pull/603
@@ -50304,6 +50307,7 @@ CVE-2022-40900
CVE-2022-40899 (An issue discovered in Python Charmers Future 0.18.2 and earlier allow ...)
- python-future <unfixed> (bug #1031699)
[bullseye] - python-future <no-dsa> (Minor issue)
+ [buster] - python-future <no-dsa> (Minor issue)
NOTE: https://github.com/PythonCharmers/python-future/pull/610
NOTE: https://github.com/PythonCharmers/python-future/commit/c91d70b34ef0402aef3e9d04364ba98509dca76f (v0.18.3)
CVE-2022-40898 (An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ce36d41ead449e225f4b46fe53b8ffcd3209258f...adf349e89de2b48e46f7478da3831861e0a7e159
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ce36d41ead449e225f4b46fe53b8ffcd3209258f...adf349e89de2b48e46f7478da3831861e0a7e159
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230417/301c0985/attachment.htm>
More information about the debian-security-tracker-commits
mailing list