[Git][security-tracker-team/security-tracker][master] "new" chromium issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Aug 1 12:37:19 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ef7656b by Moritz Mühlenhoff at 2023-08-01T13:36:58+02:00
"new" chromium issues

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9833,7 +9833,9 @@ CVE-2023-31194 (An improper array index validation vulnerability exists in the G
 CVE-2023-27390 (A heap-based buffer overflow vulnerability exists in the Sequence::Dra ...)
 	NOT-FOR-US: Diagon
 CVE-2023-2314 (Insufficient data validation in DevTools in Google Chrome prior to 111 ...)
-	TODO: check
+	{DSA-5371-1}
+	- chromium 111.0.5563.64-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-2313 (Inappropriate implementation in Sandbox in Google Chrome on Windows pr ...)
 	{DSA-5386-1}
 	- chromium 112.0.5615.49-1
@@ -9841,7 +9843,9 @@ CVE-2023-2313 (Inappropriate implementation in Sandbox in Google Chrome on Windo
 CVE-2023-2312
 	RESERVED
 CVE-2023-2311 (Insufficient policy enforcement in File System API in Google Chrome pr ...)
-	TODO: check
+	{DSA-5386-1}
+	- chromium 112.0.5615.49-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2023-2310 (A Channel Accessible by Non-Endpoint vulnerability in the Schweitzer E ...)
 	NOT-FOR-US: Schweitzer Engineering Laboratories
 CVE-2023-2309 (The wpForo Forum WordPress plugin before 2.1.9 does not escape some re ...)
@@ -21966,7 +21970,9 @@ CVE-2023-1111
 CVE-2023-1110
 	RESERVED
 CVE-2022-4926 (Insufficient policy enforcement in Intents in Google Chrome on Android ...)
-	TODO: check
+	{DSA-5328-1}
+	- chromium 109.0.5414.119-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2021-4327 (A vulnerability was found in SerenityOS. It has been rated as critical ...)
 	NOT-FOR-US: SerenityOS
 CVE-2023-27381


=====================================
data/DSA/list
=====================================
@@ -258,7 +258,7 @@
 	{CVE-2023-1668}
 	[bullseye] - openvswitch 2.15.0+ds1-2+deb11u4
 [12 Apr 2023] DSA-5386-1 chromium - security update
-	{CVE-2023-1810 CVE-2023-1811 CVE-2023-1812 CVE-2023-1813 CVE-2023-1814 CVE-2023-1815 CVE-2023-1816 CVE-2023-1817 CVE-2023-1818 CVE-2023-1819 CVE-2023-1820 CVE-2023-1821 CVE-2023-1822 CVE-2023-1823 CVE-2023-2313}
+	{CVE-2023-1810 CVE-2023-1811 CVE-2023-1812 CVE-2023-1813 CVE-2023-1814 CVE-2023-1815 CVE-2023-1816 CVE-2023-1817 CVE-2023-1818 CVE-2023-1819 CVE-2023-1820 CVE-2023-1821 CVE-2023-1822 CVE-2023-1823 CVE-2023-2313 CVE-2023-2311}
 	[bullseye] - chromium 112.0.5615.49-2~deb11u2
 [12 Apr 2023] DSA-5385-1 firefox-esr - security update
 	{CVE-2023-1945 CVE-2023-1999 CVE-2023-29533 CVE-2023-29535 CVE-2023-29536 CVE-2023-29539 CVE-2023-29541 CVE-2023-29548 CVE-2023-29550}
@@ -305,7 +305,7 @@
 	{CVE-2021-22942 CVE-2021-44528 CVE-2022-21831 CVE-2022-22577 CVE-2022-23633 CVE-2022-27777 CVE-2023-22792 CVE-2023-22794 CVE-2023-22795 CVE-2023-22796}
 	[bullseye] - rails 2:6.0.3.7+dfsg-2+deb11u1
 [09 Mar 2023] DSA-5371-1 chromium - security update
-	{CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 CVE-2023-1228 CVE-2023-1229 CVE-2023-1230 CVE-2023-1231 CVE-2023-1232 CVE-2023-1233 CVE-2023-1234 CVE-2023-1235 CVE-2023-1236}
+	{CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 CVE-2023-1228 CVE-2023-1229 CVE-2023-1230 CVE-2023-1231 CVE-2023-1232 CVE-2023-1233 CVE-2023-1234 CVE-2023-1235 CVE-2023-1236 CVE-2023-2314}
 	[bullseye] - chromium 111.0.5563.64-1~deb11u1
 [07 Mar 2023] DSA-5370-1 apr - security update
 	{CVE-2022-24963}
@@ -434,7 +434,7 @@
 	{CVE-2022-3094 CVE-2022-3736 CVE-2022-3924}
 	[bullseye] - bind9 1:9.16.37-1~deb11u1
 [26 Jan 2023] DSA-5328-1 chromium - security update
-	{CVE-2023-0471 CVE-2023-0472 CVE-2023-0473 CVE-2023-0474}
+	{CVE-2023-0471 CVE-2023-0472 CVE-2023-0473 CVE-2023-0474 CVE-2022-4926}
 	[bullseye] - chromium 109.0.5414.119-1~deb11u1
 [24 Jan 2023] DSA-5327-1 swift - security update
 	{CVE-2022-47950}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ef7656bac0e43d555917b62e1eb893dd606cd4c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ef7656bac0e43d555917b62e1eb893dd606cd4c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230801/cc2d59af/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list