[Git][security-tracker-team/security-tracker][master] Add CVE-2023-41039/restrictedpython

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e9dd39d by Salvatore Bonaccorso at 2023-08-30T22:48:21+02:00
Add CVE-2023-41039/restrictedpython

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51,7 +51,10 @@ CVE-2023-41538 (phpjabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scri
 CVE-2023-41537 (phpjabbers Business Directory Script 3.2 is vulnerable to Cross Site S ...)
 	NOT-FOR-US: PHPJabbers
 CVE-2023-41039 (RestrictedPython is a restricted execution environment for Python to r ...)
-	TODO: check
+	- restrictedpython <unfixed>
+	NOTE: https://github.com/zopefoundation/RestrictedPython/security/advisories/GHSA-xjw2-6jm9-rf67
+	NOTE: Fixed by: https://github.com/zopefoundation/RestrictedPython/commit/4134aedcff17c977da7717693ed89ce56d54c120
+	TODO: check details
 CVE-2023-40848 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)
 	NOT-FOR-US: Tenda
 CVE-2023-40847 (Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Bu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e9dd39dca6f26e4d7b4d1e3347febdd55c7f71e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e9dd39dca6f26e4d7b4d1e3347febdd55c7f71e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230830/dbd965e7/attachment-0001.htm>