[Git][security-tracker-team/security-tracker][master] Update information on to be rejected CVE-2023-49355

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d4c6857 by Salvatore Bonaccorso at 2023-12-20T11:28:35+01:00
Update information on to be rejected CVE-2023-49355

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2390,11 +2390,12 @@ CVE-2023-50463 (The caddy-geo-ip (aka GeoIP) middleware through 0.6.0 for Caddy
 CVE-2023-49964 (An issue was discovered in Hyland Alfresco Community Edition through 7 ...)
 	NOT-FOR-US: Hyland Alfresco Community Edition
 CVE-2023-49355 (decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out- ...)
-	- jq <unfixed>
+	- jq 1.7.1-1
 	[bookworm] - jq <not-affected> (Vulnerable code not present)
 	[bullseye] - jq <not-affected> (Vulnerable code not present)
 	[buster] - jq <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/linzc21/bug-reports/blob/main/reports/jq/1.7-37-g88f01a7/heap-buffer-overflow/CVE-2023-49355.md
+	NOTE: Duplicate of CVE-2023-50246 and requested to be rejected
 CVE-2023-48425 (U-Boot vulnerability resulting in persistent Code Execution)
 	NOT-FOR-US: Google Chromecast (unlikely to affect u-boot as packaged in Debian)
 CVE-2023-48424 (U-Boot shell vulnerability resulting in Privilege escalation in a prod ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d4c6857bd91d6aa858af3cffca4f1c660aae4f7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d4c6857bd91d6aa858af3cffca4f1c660aae4f7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231220/2326a817/attachment.htm>