[Git][security-tracker-team/security-tracker][master] new mujs issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc9a5910 by Moritz Muehlenhoff at 2023-04-20T15:57:20+02:00
new mujs issue
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -38931,7 +38931,7 @@ CVE-2023-20863 (In spring framework versions prior to 5.2.24 release+ ,5.3.27+ a
 	NOTE: https://spring.io/security/cve-2023-20863
 	NOTE: Only supported for building applications shipped in Debian, see README.Debian.security
 CVE-2023-20862 (In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prio ...)
-	TODO: check
+	NOT-FOR-US: Spring Security
 CVE-2023-20861 (In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELE ...)
 	- libspring-java <unfixed> (unimportant)
 	NOTE: https://spring.io/security/cve-2023-20861
@@ -142270,7 +142270,9 @@ CVE-2021-33799
 CVE-2021-33798
 	RESERVED
 CVE-2021-33797 (Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1 ...)
-	TODO: check
+	- mujs 1.1.3-2
+	NOTE: https://github.com/ccxvii/mujs/issues/148
+	NOTE: https://github.com/ccxvii/mujs/commit/833b6f1672b4f2991a63c4d05318f0b84ef4d550 (1.1.2)
 CVE-2021-33796
 	RESERVED
 CVE-2021-3573 (A use-after-free in function hci_sock_bound_ioctl() of the Linux kerne ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9a5910a1c8daeeae8ae3edb82b2016ccd02263

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc9a5910a1c8daeeae8ae3edb82b2016ccd02263
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230420/4280013b/attachment.htm>