[Git][security-tracker-team/security-tracker][master] Add CVE-2023-30079 and CVE-2023-30078

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 23 06:30:44 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30e6b175 by Salvatore Bonaccorso at 2023-08-23T07:27:59+02:00
Add CVE-2023-30079 and CVE-2023-30078

Notified MITRE that they are duplicates of the already assigned
CVE-2023-22652 and  CVE-2023-32181 and expect they get rejected
(hopefully the two newer ones).

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16453,9 +16453,19 @@ CVE-2023-30081
 CVE-2023-30080
 	RESERVED
 CVE-2023-30079 (A stack overflow vulnerability exists in function read_file in atlibec ...)
-	TODO: check
+	- libeconf 0.5.2+dfsg1-1
+	[bookworm] - libeconf <no-dsa> (Minor issue)
+	[bullseye] - libeconf <no-dsa> (Minor issue)
+	NOTE: https://github.com/openSUSE/libeconf/issues/177
+	NOTE: https://github.com/openSUSE/libeconf/commit/8d086dfc69d4299e55e4844e3573b3a4cf420f19 (v0.5.2)
+	NOTE: Duplicate of CVE-2023-22652
 CVE-2023-30078 (A stack overflow vulnerability exists in function econf_writeFile in f ...)
-	TODO: check
+	- libeconf 0.5.2+dfsg1-1
+	[bookworm] - libeconf <no-dsa> (Minor issue)
+	[bullseye] - libeconf <no-dsa> (Minor issue)
+	NOTE: https://github.com/openSUSE/libeconf/issues/178
+	NOTE: https://github.com/openSUSE/libeconf/commit/8d086dfc69d4299e55e4844e3573b3a4cf420f19 (v0.5.2)
+	NOTE: Duplicate of CVE-2023-32181
 CVE-2023-30077 (Judging Management System v1.0 by oretnom23 was discovered to vulnerab ...)
 	NOT-FOR-US: Judging Management System
 CVE-2023-30076 (Sourcecodester Judging Management System v1.0 is vulnerable to SQL Inj ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e6b1756158471ee9fce61df75a916bfe0893bd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e6b1756158471ee9fce61df75a916bfe0893bd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230823/230f19dd/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list