[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Feb 21 15:19:58 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7ea4b589 by Moritz Muehlenhoff at 2023-02-21T16:18:04+01:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,7 +31,7 @@ CVE-2023-26255
CVE-2023-26254
RESERVED
CVE-2023-26253 (In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bri ...)
- - glusterfs <unfixed>
+ - glusterfs <unfixed> (bug #1031731)
NOTE: https://github.com/gluster/glusterfs/issues/3954
CVE-2023-26252
RESERVED
@@ -146,13 +146,13 @@ CVE-2022-48332
CVE-2022-48331
RESERVED
CVE-2022-48339 (An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has ...)
- - emacs <unfixed>
+ - emacs <unfixed> (bug #1031730)
NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c
CVE-2022-48338 (An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, th ...)
- - emacs <unfixed>
+ - emacs <unfixed> (bug #1031730)
NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c
CVE-2022-48337 (GNU Emacs through 28.2 allows attackers to execute commands via shell ...)
- - emacs <unfixed>
+ - emacs <unfixed> (bug #1031730)
NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c
CVE-2023-26213
RESERVED
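Review bot: CVE-2022-48339, CVE-2022-48338 and CVE-2022-48337 now all point at bug #1031730, although each NOTE line references a different upstream commit. Confirm that the bug report lists all three CVE ids, so that an upload carrying only one or two of those commits is not taken as a complete fix.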
@@ -433,7 +433,7 @@ CVE-2023-26083
CVE-2023-26082
RESERVED
CVE-2023-26081 (In Epiphany (aka GNOME Web) through 43.0, untrusted web content can tr ...)
- - epiphany-browser <unfixed>
+ - epiphany-browser <unfixed> (bug #1031727)
NOTE: https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275
NOTE: https://gitlab.gnome.org/GNOME/epiphany/-/commit/53363c3c8178bf9193dad9fa3516f4e10cff0ffd
CVE-2023-26080
@@ -527,7 +527,7 @@ CVE-2023-0913 (A vulnerability classified as critical was found in SourceCodeste
CVE-2023-0912 (A vulnerability classified as critical has been found in SourceCodeste ...)
NOT-FOR-US: SourceCodester Auto Dealer Management System
CVE-2019-25104 (A vulnerability has been found in rtcwcoop 1.0.2 and classified as pro ...)
- - iortcw <unfixed>
+ - iortcw <unfixed> (bug #1031732)
NOTE: https://github.com/rtcwcoop/rtcwcoop/pull/45
NOTE: Reported against a version based on iortcw, but seems missing in iortcw
CVE-2016-15026 (A vulnerability was found in 3breadt dd-plist 1.17 and classified as p ...)
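Review bot: the second NOTE under CVE-2019-25104, "seems missing in iortcw", does not say whether the fix or the vulnerable code is what is missing. Since "- iortcw <unfixed> (bug #1031732)" now records the package as affected, reword the NOTE to state which was meant, so the entry and its annotation cannot be read as contradicting each other.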
@@ -3622,7 +3622,7 @@ CVE-2023-25000
CVE-2023-24999
RESERVED
CVE-2023-24998 (Apache Commons FileUpload before 1.5 does not limit the number of requ ...)
- - libcommons-fileupload-java <unfixed>
+ - libcommons-fileupload-java <unfixed> (bug #1031733)
[bullseye] - libcommons-fileupload-java <no-dsa> (Minor issue)
NOTE: https://github.com/apache/commons-fileupload/commit/e20c04990f7420ca917e96a84cec58b13a1b3d17
NOTE: https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy
@@ -5053,8 +5053,8 @@ CVE-2023-0484
CVE-2023-0483
RESERVED
CVE-2023-0482 (In RESTEasy the insecure File.createTempFile() is used in the DataSour ...)
- - resteasy <unfixed>
- - resteasy3.0 <unfixed>
+ - resteasy <unfixed> (bug #1031728)
+ - resteasy3.0 <unfixed> (bug #1031729)
[bullseye] - resteasy3.0 <no-dsa> (Minor issue)
[buster] - resteasy3.0 <no-dsa> (Minor issue)
NOTE: https://github.com/resteasy/resteasy/pull/3409/
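Review bot: under CVE-2023-0482 only resteasy3.0 carries "[bullseye]" and "[buster]" no-dsa lines, while the resteasy line gets bug #1031728 with no per-release triage. If resteasy also ships in a stable release, add the matching release annotation so that both source packages are triaged consistently.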
@@ -75797,13 +75797,13 @@ CVE-2022-26892
CVE-2022-26891 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-26061 (A heap-based buffer overflow vulnerability exists in the gif2h5 functi ...)
- - hdf5 <unfixed>
+ - hdf5 <unfixed> (bug #1031726)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487
CVE-2022-25972 (An out-of-bounds write vulnerability exists in the gif2h5 functionalit ...)
- - hdf5 <unfixed>
+ - hdf5 <unfixed> (bug #1031726)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485
CVE-2022-25942 (An out-of-bounds read vulnerability exists in the gif2h5 functionality ...)
- - hdf5 <unfixed>
+ - hdf5 <unfixed> (bug #1031726)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486
CVE-2022-0935 (Host Header injection in password Reset in GitHub repository livehelpe ...)
NOT-FOR-US: livehelperchat
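Review bot: the three hdf5 gif2h5 entries (CVE-2022-26061, CVE-2022-25972, CVE-2022-25942) share bug #1031726, but their NOTE lines reference only the Talos reports and no upstream fix. Once an upstream commit or fixed release is known, add it as a NOTE under each CVE so the bug can be matched to a fixed version.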
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ea4b58988b7cad5402ab0999b075811a1bb7f2d