[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Dec 4 09:45:59 GMT 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
edc1de60 by Moritz Muehlenhoff at 2023-12-04T10:40:16+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2023-5332 (Patch in third party library Consul requires 'enable-script-check
 CVE-2023-49287 (TinyDir is a lightweight C directory and file reader. Buffer overflows ...)
 	TODO: check
 CVE-2023-49108 (Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0. ...)
-	TODO: check
+	NOT-FOR-US: RakRak Document Plus
 CVE-2023-49093 (HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerab ...)
 	TODO: check
 CVE-2023-47701 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
@@ -182,65 +182,65 @@ CVE-2023-38727 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server
 CVE-2023-38003 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
 	NOT-FOR-US: IBM
 CVE-2023-32870 (In display drm, there is a possible out of bounds read due to a missin ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32869 (In display drm, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32868 (In display drm, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32867 (In display drm, there is a possible out of bounds write due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32866 (In mmp, there is a possible memory corruption due to an incorrect boun ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32865 (In display drm, there is a possible out of bounds write due to an inco ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32864 (In display drm, there is a possible out of bounds write due to an inco ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32863 (In display drm, there is a possible out of bounds read due to a missin ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32862 (In display, there is a possible out of bounds read due to an incorrect ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32861 (In display, there is a possible out of bounds read due to an incorrect ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32860 (In display, there is a possible classic buffer overflow due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32859 (In meta, there is a possible classic buffer overflow due to a missing  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32858 (In GZ, there is a possible information disclosure due to a missing dat ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32857 (In display, there is a possible out of bounds read due to an incorrect ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32856 (In display, there is a possible out of bounds read due to an incorrect ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32855 (In aee, there is a possible escalation of privilege due to a missing p ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32854 (In ril, there is a possible out of bounds write due to a missing bound ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32853 (In rpmb, there is a possible out of bounds write due to a missing boun ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32852 (In cameraisp, there is a possible information disclosure due to improp ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32851 (In decoder, there is a possible out of bounds write due to a missing b ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32850 (In decoder, there is a possible out of bounds write due to an integer  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32849 (In cmdq, there is a possible out of bounds write due to type confusion ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32848 (In vdec, there is a possible out of bounds write due to type confusion ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32847 (In audio, there is a possible out of bounds write due to a missing bou ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32846 (In 5G Modem, there is a possible system crash due to improper error ha ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32845 (In 5G Modem, there is a possible system crash due to improper error ha ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32844 (In 5G Modem, there is a possible system crash due to improper error ha ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32843 (In 5G Modem, there is a possible system crash due to improper error ha ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32842 (In 5G Modem, there is a possible system crash due to improper error ha ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-32841 (In 5G Modem, there is a possible system crash due to improper error ha ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-49948 (Forgejo before 1.20.5-1 allows remote attackers to test for the existe ...)
 	NOT-FOR-US: Forgejo
 CVE-2023-49947 (Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic ...)
@@ -31768,11 +31768,11 @@ CVE-2022-48466
 CVE-2022-48465
 	RESERVED
 CVE-2022-48464 (In wifi service, there is a possible out of bounds write due to a miss ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-48463 (In wifi service, there is a possible out of bounds write due to a miss ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-48462 (In wifi service, there is a possible out of bounds write due to a miss ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-48461 (In sensor driver, there is a possible out of bounds write due to a mis ...)
 	NOT-FOR-US: Unisoc
 CVE-2022-48460 (In setting service, there is a possible undefined behavior due to inco ...)
@@ -35412,7 +35412,7 @@ CVE-2023-29260 (IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to serve
 CVE-2023-29259 (IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to  ...)
 	NOT-FOR-US: IBM
 CVE-2023-29258 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-29257 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
 	NOT-FOR-US: IBM
 CVE-2023-29256 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edc1de601a0bb5657aff6aa54b93db2380fde3ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edc1de601a0bb5657aff6aa54b93db2380fde3ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231204/2028d366/attachment.htm>


More information about the debian-security-tracker-commits mailing list