[Git][security-tracker-team/security-tracker][master] Track fixed version for three fava issues fixed via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 6 21:26:11 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a7c1252c by Salvatore Bonaccorso at 2023-02-06T22:25:38+01:00
Track fixed version for three fava issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -44167,7 +44167,7 @@ CVE-2022-2590 (A race condition was found in the way the Linux kernel's memory s
 	NOTE: https://lore.kernel.org/all/b314c287-5fc2-9f61-53f6-33282a2bed92@redhat.com/
 	NOTE: https://www.openwall.com/lists/oss-security/2022/08/08/1
 CVE-2022-2589 (Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/ ...)
-	- fava <unfixed> (bug #1016971)
+	- fava 1.23.1-1 (bug #1016971)
 	[bullseye] - fava <no-dsa> (Minor issue)
 	[buster] - fava <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/8705800d-cf2f-433d-9c3e-dbef6a3f7e08/
@@ -45694,7 +45694,7 @@ CVE-2022-34859
 CVE-2022-33963
 	RESERVED
 CVE-2022-2523 (Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/ ...)
-	- fava <unfixed> (bug #1016971)
+	- fava 1.23.1-1 (bug #1016971)
 	[bullseye] - fava <no-dsa> (Minor issue)
 	[buster] - fava <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/2a1802d8-1c2e-4919-96a7-d4dcf7ffcf8f
@@ -45851,7 +45851,7 @@ CVE-2022-33142 (Authenticated (subscriber+) Denial Of Service (DoS) vulnerabilit
 CVE-2022-2515 (The Simple Banner plugin for WordPress is vulnerable to Stored Cross-S ...)
 	NOT-FOR-US: Simple Banner plugin for WordPress
 CVE-2022-2514 (The time and filter parameters in Fava prior to v1.22 are vulnerable t ...)
-	- fava <unfixed> (bug #1016971)
+	- fava 1.23.1-1 (bug #1016971)
 	[bullseye] - fava <no-dsa> (Minor issue)
 	[buster] - fava <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/dbf77139-4384-4dc5-9994-45a5e0747429



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7c1252c4de476d60d3550e5f807a99369ebdfde

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7c1252c4de476d60d3550e5f807a99369ebdfde
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230206/dec5db5d/attachment.htm>

More information about the debian-security-tracker-commits mailing list