[Git][security-tracker-team/security-tracker][master] Add CVE-2023-50247/h2o
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Dec 24 13:46:30 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3a226832 by Salvatore Bonaccorso at 2023-12-24T14:46:01+01:00
Add CVE-2023-50247/h2o
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2724,7 +2724,9 @@ CVE-2023-49921
CVE-2023-6687 (An issue was discovered by Elastic whereby Elastic Agent would log a r ...)
NOT-FOR-US: Elastic whereby Elastic Agent
CVE-2023-50247 (h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. Th ...)
- TODO: check
+ - h2o <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/h2o/h2o/security/advisories/GHSA-2ch5-p59c-7mv6
+ NOTE: Fixed by: https://github.com/h2o/h2o/commit/d67e81d03be12a9d53dc8271af6530f40164cd35
CVE-2023-49923 (An issue was discovered by Elastic whereby the Documents API of App Se ...)
NOT-FOR-US: Elastic whereby the Documents API of App Search
CVE-2023-49922 (An issue was discovered by Elastic whereby Beats and Elastic Agent wou ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a226832dfc5f7c4ae4c752c82f119ec29cc01b4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a226832dfc5f7c4ae4c752c82f119ec29cc01b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231224/294f325a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list