[Git][security-tracker-team/security-tracker][master] Annotate upstream commits for CVE-2023-49093

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Dec 31 15:15:21 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
67901701 by Salvatore Bonaccorso at 2023-12-31T16:13:33+01:00
Annotate upstream commits for CVE-2023-49093

For the respective CVE actually only the commit which landed in 3.9.0 is
the one addresing the specific vulnerability. But the second one is
related enabling the feature as well in another codepath.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5286,8 +5286,8 @@ CVE-2023-49093 (HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vu
 	- jenkins-htmlunit-core-js <removed>
 	- htmlunit <removed>
 	NOTE: https://github.com/HtmlUnit/htmlunit/security/advisories/GHSA-37vq-hr2f-g7h7
-	NOTE: https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab
-	NOTE: https://github.com/HtmlUnit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b
+	NOTE: Fixed by: https://github.com/HtmlUnit/htmlunit/commit/e015082aa909fd9e1c2b5f9b26553ddc0ddbbcab (3.9.0)
+	NOTE: Related: https://github.com/HtmlUnit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b (3.0.0)
 CVE-2023-47701 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5 ...)
 	NOT-FOR-US: IBM
 CVE-2023-46167 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67901701cae5609574353eeb964740ab362d7269

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67901701cae5609574353eeb964740ab362d7269
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231231/4903275c/attachment.htm>

More information about the debian-security-tracker-commits mailing list