[Git][security-tracker-team/security-tracker][master] Add CVE-2023-41105/python
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 23 19:48:54 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21b8d4ad by Salvatore Bonaccorso at 2023-08-23T20:48:19+02:00
Add CVE-2023-41105/python
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,16 @@ CVE-2023-4404 (The Donation Forms by Charitable plugin for WordPress is vulnerab
CVE-2023-4041 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
NOT-FOR-US: Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules)
CVE-2023-41105 (An issue was discovered in Python 3.11 through 3.11.4. If a path conta ...)
- TODO: check
+ - python3.12 <unfixed>
+ - python3.11 <unfixed>
+ - python3.10 <not-affected> (Vulnerable code introduced in 3.11.y)
+ - python3.9 <not-affected> (Vulnerable code introduced in 3.11.y)
+ - python3.7 <not-affected> (Vulnerable code introduced in 3.11.y)
+ - python2.7 <not-affected> (Vulnerable code introduced in 3.11.y)
+ NOTE: https://github.com/python/cpython/issues/106242
+ NOTE: https://github.com/python/cpython/pull/107983
+ NOTE: Backport for 3.12: https://github.com/python/cpython/pull/107981
+ NOTE: Backport for 3.11: https://github.com/python/cpython/pull/107982
CVE-2023-41104 (libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x befor ...)
TODO: check
CVE-2023-41100 (An issue was discovered in the hcaptcha (aka hCaptcha for EXT:form) ex ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21b8d4ad8b38b16d9da08f887e308a3e03f19693
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21b8d4ad8b38b16d9da08f887e308a3e03f19693
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230823/b112b022/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list