[Git][security-tracker-team/security-tracker][master] new starlette issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Apr 24 13:35:26 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
88028fda by Moritz Muehlenhoff at 2023-04-24T14:34:58+02:00
new starlette issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -796,7 +796,10 @@ CVE-2023-30800
CVE-2023-30799
RESERVED
CVE-2023-30798 (There MultipartParser usage in Encode's Starlette python framework bef ...)
- TODO: check
+ - starlette 0.25.0-1
+ [bullseye] - starlette <no-dsa> (Minor issue)
+ NOTE: https://github.com/encode/starlette/commit/8c74c2c8dba7030154f8af18e016136bea1938fa (0.25.0)
+ NOTE: https://github.com/encode/starlette/security/advisories/GHSA-74m5-2c7w-9w3x
CVE-2023-30797 (Netflix Lemur before version 1.3.2 used insufficiently random values w ...)
NOT-FOR-US: Netflix Lemur
CVE-2023-30796
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88028fdad75aa51bddad4a51f282f36b1c143136
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88028fdad75aa51bddad4a51f282f36b1c143136
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230424/cab35103/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list