[Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Remove CVE-2023-39949 from listin in DSA-5481-1"
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 22 21:16:33 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
568e169c by Salvatore Bonaccorso at 2023-08-22T22:13:18+02:00
Revert "Remove CVE-2023-39949 from listin in DSA-5481-1"
This reverts commit 4411a23b85d68ddd4417958b2297eb892788420f.
The fix was not in 2.9.1 but in 2.9.2. So the patch missing was
https://github.com/eProsima/Fast-DDS/commit/3aa3ee0259deaebe3d578e0ec200947bdfe7d06f
.
- - - - -
1cbb1903 by Salvatore Bonaccorso at 2023-08-22T22:15:59+02:00
Correct version information on CVE-2023-39949
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1051,10 +1051,12 @@ CVE-2023-3937 (Cross site scripting vulnerability in web portal in Snow Software
CVE-2023-3864 (Blind SQL injection in a service running in Snow Software license mana ...)
NOT-FOR-US: Snow Software
CVE-2023-39949 (eprosima Fast DDS is a C++ implementation of the Data Distribution Ser ...)
- - fastdds 2.9.1+ds-1
- [bullseye] - fastdds 2.1.0+ds-9+deb11u1
+ {DSA-5481-1}
+ - fastdds 2.10.1+ds-2
NOTE: https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-3jv9-j9x3-95cg
NOTE: https://github.com/eProsima/Fast-DDS/issues/3236
+ NOTE: https://github.com/eProsima/Fast-DDS/commit/3aa3ee0259deaebe3d578e0ec200947bdfe7d06f (v2.10.0)
+ NOTE: https://github.com/eProsima/Fast-DDS/commit/6bc2f8048eb9760dcbd148bdb73492e58da8eb1e (v2.9.2)
CVE-2023-39948 (eprosima Fast DDS is a C++ implementation of the Data Distribution Ser ...)
{DSA-5481-1}
- fastdds 2.10.1+ds-2
=====================================
data/DSA/list
=====================================
@@ -1,5 +1,5 @@
[20 Aug 2023] DSA-5481-1 fastdds - security update
- {CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947 CVE-2023-39948}
+ {CVE-2023-39534 CVE-2023-39945 CVE-2023-39946 CVE-2023-39947 CVE-2023-39948 CVE-2023-39949}
[bullseye] - fastdds 2.1.0+ds-9+deb11u1
[bookworm] - fastdds 2.9.1+ds-1+deb12u1
[18 Aug 2023] DSA-5480-1 linux - security update
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/039f20e7e8985db473a6905f2d7a7eb78a0fdce7...1cbb1903ea971abf66c159ab44facc779572efcf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/039f20e7e8985db473a6905f2d7a7eb78a0fdce7...1cbb1903ea971abf66c159ab44facc779572efcf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230822/0386a97a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list