[Git][security-tracker-team/security-tracker][master] Concluded that CVE-2023-1625 do not require a DLA for buster. It is an...

Tue Apr 18 22:16:49 BST 2023


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0f8f4753 by Ola Lundqvist at 2023-04-18T23:16:31+02:00
Concluded that CVE-2023-1625 do not require a DLA for buster. It is an information leak vulnerability to authenticated users with low impact.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5693,6 +5693,7 @@ CVE-2023-1625 [information leak in API]
 	RESERVED
 	[experimental] - heat 1:20.0.0~rc1-1
 	- heat 1:19.0.0-2 (bug #1034186)
+	[buster] - heat <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2181621
 	NOTE: https://review.opendev.org/c/openstack/heat/+/868166
 	NOTE: https://github.com/openstack/heat/commit/1305a3152f75c6e62ec5094ea2bfc38f165204cf (20.0.0.0rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f8f4753fcf7382dffcc2efd23d07a7fed40db04

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f8f4753fcf7382dffcc2efd23d07a7fed40db04
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230418/251c83ea/attachment.htm>
