[Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-49287/gemmi
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Dec 31 15:22:21 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ecbe9cb1 by Salvatore Bonaccorso at 2023-12-31T16:21:41+01:00
Add references for CVE-2023-49287/gemmi
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5279,6 +5279,8 @@ CVE-2023-49287 (TinyDir is a lightweight C directory and file reader. Buffer ove
NOTE: https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf
NOTE: https://github.com/cxong/tinydir/commit/8124807260735a837226fa151493536591f6715d (1.2.6)
NOTE: https://github.com/hnsecurity/vulns/blob/main/HNS-2023-04-tinydir.txt
+ NOTE: gemmi: https://github.com/project-gemmi/gemmi/issues/292
+ NOTE: gemmi: https://github.com/project-gemmi/gemmi/commit/e142eff1fec1475b62b2ab5e88d3a50b4d7450b5 (v0.6.4)
NOTE: lwip embeds a copy of tinydir, but it's unused, see bug #1059259
CVE-2023-49108 (Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0. ...)
NOT-FOR-US: RakRak Document Plus
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecbe9cb1626d33ef488644e4430edd7ef64635fe
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ecbe9cb1626d33ef488644e4430edd7ef64635fe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231231/541e27ea/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list