[Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug reference for CVE-2023-30608/sqlparse

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 19 20:47:10 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
957879af by Salvatore Bonaccorso at 2023-04-19T21:46:46+02:00
Add Debian bug reference for CVE-2023-30608/sqlparse

- - - - -
073d744a by Salvatore Bonaccorso at 2023-04-19T21:46:47+02:00
Add Debian bug reference for CVE-2023-2004/freetype

- - - - -
9d95b8ab by Salvatore Bonaccorso at 2023-04-19T21:46:49+02:00
Add Debian bug reference for CVE-2023-28856/redis

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -757,7 +757,7 @@ CVE-2023-30610
 CVE-2023-30609
 	RESERVED
 CVE-2023-30608 (sqlparse is a non-validating SQL parser module for Python. In affected ...)
-	- sqlparse <unfixed>
+	- sqlparse <unfixed> (bug #1034615)
 	NOTE: https://github.com/andialbrecht/sqlparse/security/advisories/GHSA-rrm6-wvj7-cwh2
 	NOTE: Introduced by: https://github.com/andialbrecht/sqlparse/commit/e75e35869473832a1eb67772b1adfee2db11b85a (0.1.15)
 	NOTE: Fixed by: https://github.com/andialbrecht/sqlparse/commit/c457abd5f097dd13fb21543381e7cfafe7d31cfb (0.4.4)
@@ -1156,7 +1156,7 @@ CVE-2023-2006
 CVE-2023-2005
 	RESERVED
 CVE-2023-2004 (An integer overflow vulnerability was discovered in Freetype in tt_hva ...)
-	- freetype <unfixed>
+	- freetype <unfixed> (bug #1034612)
 	[buster] - freetype <postponed> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50462
 	NOTE: https://github.com/freetype/freetype/commit/e6fda039ad638866b7a6a5d046f03278ba1b7611 (VER-2-13-0)
@@ -5650,7 +5650,7 @@ CVE-2023-1626 (A vulnerability was found in Jianming Antivirus 16.2.2022.418. It
 CVE-2023-28857
 	RESERVED
 CVE-2023-28856 (Redis is an open source, in-memory database that persists on disk. Aut ...)
-	- redis <unfixed>
+	- redis <unfixed> (bug #1034613)
 	NOTE: https://github.com/redis/redis/security/advisories/GHSA-hjv8-vjf6-wcr6
 	NOTE: https://github.com/redis/redis/commit/1c1bd618c95e26a8ff5c12e70cbf0117233ef073 (7.0.11)
 	NOTE: https://github.com/redis/redis/commit/e030e351fd7ae8c1b0254982a4f12a4bd15ac66b (6.2.12)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/aee3f9c684d2d6bbdb0bd3726e25dc58ce6b9f44...9d95b8abc6ba772383b12c403f748ae3ad3f7f79

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/aee3f9c684d2d6bbdb0bd3726e25dc58ce6b9f44...9d95b8abc6ba772383b12c403f748ae3ad3f7f79
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230419/a9689466/attachment.htm>

More information about the debian-security-tracker-commits mailing list