[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Feb 15 16:48:55 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a7c31718 by Moritz Muehlenhoff at 2023-02-15T17:48:34+01:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -235,6 +235,7 @@ CVE-2023-0806
RESERVED
CVE-2023-25727 (In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated use ...)
- phpmyadmin 4:5.2.1+dfsg-1
+ [bullseye] - phpmyadmin <no-dsa> (Minor issue)
NOTE: https://www.phpmyadmin.net/security/PMASA-2023-1/
CVE-2023-25726
RESERVED
@@ -10635,6 +10636,7 @@ CVE-2023-22333 (Cross-site scripting vulnerability in EasyMail 2.00.130 and earl
NOT-FOR-US: EasyMail
CVE-2023-22332 (Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4. ...)
- pgpool2 <unfixed> (bug #1030048)
+ [bullseye] - pgpool2 <no-dsa> (Minor issue)
NOTE: https://www.pgpool.net/mediawiki/index.php/Main_Page#News
CVE-2023-22324 (SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5. ...)
NOT-FOR-US: CONPROSYS
@@ -72086,6 +72088,7 @@ CVE-2022-27673 (Insufficient access controls in the AMD Link Android app may pot
CVE-2022-27672 (When SMT is enabled, certain AMD processors may speculatively execute ...)
- linux 6.1.12-1
- xen <unfixed>
+ [bullseye] - xen <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2023/02/14/4
NOTE: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1045
NOTE: https://xenbits.xen.org/xsa/advisory-426.html
=====================================
data/dsa-needed.txt
=====================================
@@ -16,6 +16,8 @@ apr-util (carnil)
--
apr (carnil)
--
+curl
+--
firefox-esr (jmm)
--
frr
@@ -30,6 +32,8 @@ linux (carnil)
netatalk
open regression with MacOS, tentative patch not yet merged upstream
--
+nss
+--
multipath-tools
Tobias Frost proposed a potential update to be reviewed, maintainer asked to review changes
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7c31718befd1381e7360aee9f0689aee6957cdb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7c31718befd1381e7360aee9f0689aee6957cdb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230215/3dab92ba/attachment.htm>
More information about the debian-security-tracker-commits
mailing list