[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Aug 29 22:03:33 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eb7ca0fb by Moritz Muehlenhoff at 2023-08-29T23:02:42+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -169,20 +169,20 @@ CVE-2023-40997 (Buffer Overflow vulnerability in O-RAN Software Community ric-pl
CVE-2023-40857 (Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remo ...)
NOTE: Non issue, untrusted yara rules not supported, see https://github.com/VirusTotal/yara/issues/1948
CVE-2023-40828 (An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to o ...)
- - libpf4j-java <unfixed>
+ - libpf4j-java <unfixed> (bug #1050834)
[bookworm] - libpf4j-java <no-dsa> (Minor issue)
NOTE: https://github.com/pf4j/pf4j/pull/537
NOTE: https://github.com/pf4j/pf4j/pull/538
NOTE: Fixed by: https://github.com/pf4j/pf4j/commit/8e0aa198c4e652cfc1eb9e05ca9b64397f67cc72
CVE-2023-40827 (An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to o ...)
- - libpf4j-java <unfixed>
+ - libpf4j-java <unfixed> (bug #1050834)
[bookworm] - libpf4j-java <no-dsa> (Minor issue)
NOTE: https://github.com/pf4j/pf4j/issues/536
NOTE: https://github.com/pf4j/pf4j/pull/537
NOTE: https://github.com/pf4j/pf4j/pull/538
NOTE: Fixed by: https://github.com/pf4j/pf4j/commit/8e0aa198c4e652cfc1eb9e05ca9b64397f67cc72
CVE-2023-40826 (An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to o ...)
- - libpf4j-java <unfixed>
+ - libpf4j-java <unfixed> (bug #1050834)
[bookworm] - libpf4j-java <no-dsa> (Minor issue)
NOTE: https://github.com/pf4j/pf4j/issues/536
NOTE: Duplicate/similar to: https://github.com/pf4j/pf4j/issues/526
@@ -19499,7 +19499,7 @@ CVE-2023-29339
CVE-2023-29338 (Visual Studio Code Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-29337 (NuGet Client Remote Code Execution Vulnerability)
- - nuget <unfixed>
+ - nuget <unfixed> (bug #1050835)
[buster] - nuget <postponed> (Can wait for next update)
NOTE: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337
CVE-2023-29336 (Win32k Elevation of Privilege Vulnerability)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb7ca0fbe9c30d1a868ff114bf690847076b1bf0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb7ca0fbe9c30d1a868ff114bf690847076b1bf0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230829/67693e2b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list