[Git][security-tracker-team/security-tracker][master] Add CVE-2023-3817/openssl

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 1 08:15:45 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67ae5215 by Salvatore Bonaccorso at 2023-08-01T09:15:15+02:00
Add CVE-2023-3817/openssl

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,13 @@ CVE-2023-3997 (Splunk SOAR versions 6.0.2 and earlier are indirectly affected by
 CVE-2023-3983 (An authenticated SQL injection vulnerability exists in Advantech iView ...)
 	NOT-FOR-US: Advantech iView
 CVE-2023-3817 (Issue summary: Checking excessively long DH keys or parameters may be  ...)
-	TODO: check
+	- openssl <unfixed>
+	NOTE: https://www.openssl.org/news/secadv/20230731.txt
+	NOTE: https://www.openwall.com/lists/oss-security/2023/07/31/1
+	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1c16253f3c3a8d1e25918c3f404aae6a5b0893de (master)
+	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5 (openssl-3.1)
+	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f (openssl-3.0)
+	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5 (OpenSSL_1_1_1-stable)
 CVE-2023-3508 (The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-3507 (The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67ae5215de9fd56885a2c0dfda9ba86dd79dcafe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67ae5215de9fd56885a2c0dfda9ba86dd79dcafe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230801/9fdb5a08/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list