[Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Apr 29 11:57:18 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
20fade1e by Moritz Muehlenhoff at 2023-04-29T12:55:45+02:00
bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7670,6 +7670,7 @@ CVE-2023-1545 (SQL Injection in GitHub repository nilsteampassnet/teampass prior
- teampass <itp> (bug #730180)
CVE-2023-1544 (A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...)
- qemu <unfixed> (bug #1034179)
+ [bookworm] - qemu <no-dsa> (Minor issue)
[bullseye] - qemu <no-dsa> (Minor issue)
[buster] - qemu <no-dsa> (Minor issue)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html
@@ -15172,6 +15173,8 @@ CVE-2023-26113 (Versions of the package collection.js before 6.8.1 are vulnerabl
NOT-FOR-US: collection.js
CVE-2023-26112 (All versions of the package configobj are vulnerable to Regular Expres ...)
- configobj <unfixed> (bug #1034152)
+ [bookworm] - configobj <no-dsa> (Minor issue)
+ [bullseye] - configobj <no-dsa> (Minor issue)
NOTE: https://security.snyk.io/vuln/SNYK-PYTHON-CONFIGOBJ-3252494
NOTE: https://github.com/DiffSK/configobj/issues/232
CVE-2023-26111 (All versions of the package @nubosoftware/node-static; all versions of ...)
@@ -289388,6 +289391,7 @@ CVE-2019-10181 (It was found that in icedtea-web up to and including 1.7.2 and 1
NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/528cb8163b7053576a658b9602b5694b21957b0e (1.8)
CVE-2019-10180 (A vulnerability was found in all pki-core 10.x.x version, where the To ...)
- dogtag-pki <unfixed> (bug #1014855)
+ [bookworm] - dogtag-pki <no-dsa> (Minor issue)
[bullseye] - dogtag-pki <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1721137
CVE-2019-10179 (A vulnerability was found in all pki-core 10.x.x versions, where the K ...)
@@ -289397,6 +289401,7 @@ CVE-2019-10179 (A vulnerability was found in all pki-core 10.x.x versions, where
NOTE: https://github.com/dogtagpki/pki/commit/a93a65be0b1bcf94e004ba59c6a0c8a2c086936f (v10.9.0)
CVE-2019-10178 (It was found that the Token Processing Service (TPS) did not properly ...)
- dogtag-pki <unfixed> (bug #1014856)
+ [bookworm] - dogtag-pki <no-dsa> (Minor issue)
[bullseye] - dogtag-pki <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1719042
CVE-2019-10177 (A stored cross-site scripting (XSS) vulnerability was found in the PDF ...)
@@ -391342,6 +391347,7 @@ CVE-2017-1000048 (the web framework using ljharb's qs module older than v6.3.2,
NOT-FOR-US: ljharb
CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory Traversal in t ...)
- rbenv <unfixed> (bug #869702)
+ [bookworm] - rbenv <no-dsa> (Minor issue)
[bullseye] - rbenv <no-dsa> (Minor issue)
[buster] - rbenv <no-dsa> (Minor issue)
[stretch] - rbenv <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20fade1e6f5d2c99111cf4c45dce171cfe9ea197
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20fade1e6f5d2c99111cf4c45dce171cfe9ea197
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230429/7a596605/attachment.htm>
More information about the debian-security-tracker-commits
mailing list