[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-4237 as concern for ansible
Bastien Roucariès (@rouca)
rouca at debian.org
Sun Dec 17 15:38:32 GMT 2023
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f4453f3b by Bastien Roucariès at 2023-12-17T15:30:15+00:00
Mark CVE-2023-4237 as concern for ansible
Red hat advisory are pretty confusing.
This patch lie in debian ansible package not ansible-core
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15523,9 +15523,8 @@ CVE-2023-38255 (A potential attacker with or without (cookie theft) access to th
CVE-2023-37611 (Cross Site Scripting (XSS) vulnerability in Neos CMS 8.3.3 allows a re ...)
NOT-FOR-US: Neos CMS
CVE-2023-4237 (A flaw was found in the Ansible Automation Platform. When creating a n ...)
- - ansible 5.4.0-1 (bug #1055300)
+ - ansible <unfixed> (bug #1055300)
[buster] - ansible <no-dsa> (Minor issue)
- - ansible-core <unfixed> (bug #1058885)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2229979
NOTE: https://github.com/advisories/GHSA-ww3m-ffrm-qvqv
NOTE: ansible-core was split off from src:ansible with 4.6.0-1 in experimental/5.4.0-1 in sid
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4453f3b5c4750f553fbeb418e003d9ade1e2849
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4453f3b5c4750f553fbeb418e003d9ade1e2849
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231217/1ba270d6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list