[Git][security-tracker-team/security-tracker][master] Track fixes via unstable for CVE-2023-49082 and CVE-2023-49081
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 15 05:15:43 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2a3427b7 by Salvatore Bonaccorso at 2023-12-15T06:15:07+01:00
Track fixes via unstable for CVE-2023-49082 and CVE-2023-49081
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3066,7 +3066,7 @@ CVE-2023-49094 (Symbolicator is a symbolication service for native stacktraces a
CVE-2023-49087 (xml-security is a library that implements XML signatures and encryptio ...)
NOT-FOR-US: xml-security (SimpleSAMLphp library for XML Security)
CVE-2023-49082 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
- - python-aiohttp <unfixed> (bug #1057164)
+ - python-aiohttp 3.9.1-1 (bug #1057164)
[bookworm] - python-aiohttp <no-dsa> (Minor issue)
[bullseye] - python-aiohttp <no-dsa> (Minor issue)
[buster] - python-aiohttp <postponed> (Minor issue, limited request smuggling)
@@ -3074,7 +3074,7 @@ CVE-2023-49082 (aiohttp is an asynchronous HTTP client/server framework for asyn
NOTE: https://github.com/aio-libs/aiohttp/commit/493f06797654c383242f0e8007f6e06b818a1fbc (master)
NOTE: https://github.com/aio-libs/aiohttp/commit/4075c653fb67a29740bf9ac050bb02d10a57343a (v3.9.0b1)
CVE-2023-49081 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
- - python-aiohttp <unfixed> (bug #1057163)
+ - python-aiohttp 3.9.1-1 (bug #1057163)
[bookworm] - python-aiohttp <no-dsa> (Minor issue)
[bullseye] - python-aiohttp <no-dsa> (Minor issue)
[buster] - python-aiohttp <postponed> (Minor issue, limited request smuggling)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3427b7b058d0a54e9bf4798ef2acb7d4d898ed
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3427b7b058d0a54e9bf4798ef2acb7d4d898ed
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231215/8ed90f10/attachment.htm>
More information about the debian-security-tracker-commits
mailing list