[Git][security-tracker-team/security-tracker][master] Add CVE-2023-39975/krb5

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
684e28d0 by Salvatore Bonaccorso at 2023-08-16T23:09:12+02:00
Add CVE-2023-39975/krb5

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26,7 +26,9 @@ CVE-2023-4241 (lol-html can cause panics on certain HTML inputs. Anyone processi
 CVE-2023-4204 (NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected  ...)
 	NOT-FOR-US: NPort IAW5000A-I/O Series firmware
 CVE-2023-39975 (kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a ...)
-	TODO: check
+	- krb5 <not-affected> (Vulnerable code not present)
+	NOTE: Introduced by: https://github.com/krb5/krb5/commit/a9705a1e0b2cf0cde3e6f8dee14c25ffc074c00a (krb5-1.21-beta1)
+	NOTE: Fixed by: https://github.com/krb5/krb5/commit/88a1701b423c13991a8064feeb26952d3641d840
 CVE-2023-39507 (Improper authorization in the custom URL scheme handler in "Rikunabi N ...)
 	NOT-FOR-US: "Rikunabi NEXT" App for Android
 CVE-2023-39250 (Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/684e28d0dd65e70f3110b135329bc5b8c18b757a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/684e28d0dd65e70f3110b135329bc5b8c18b757a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230816/d3e58b2f/attachment.htm>