[Git][security-tracker-team/security-tracker][master] add PHP commit references

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Feb 22 10:52:13 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
49fed8a1 by Moritz Muehlenhoff at 2023-02-22T11:51:46+01:00
add PHP commit references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3370,6 +3370,7 @@ CVE-2023-0662 (In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before
 	NOTE: Fixed in: 8.2.3
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-54hq-v5wp-fqgv
 	NOTE: https://github.com/php/php-src/commit/716de0cff539f46294ef70fe75d548cd66766370
+	NOTE: https://github.com/php/php-src/commit/e45850c195dcd5534394cf357a3f776d4916b655 (improvement)
 CVE-2023-0661 (Improper access control in Devolutions Server allows an authenticated  ...)
 	NOT-FOR-US: Devolutions
 CVE-2023-0660
@@ -4705,6 +4706,7 @@ CVE-2023-0568 (In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before
 	- php7.3 <removed>
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=81746
 	NOTE: Fixed in: 8.2.3
+	NOTE: https://github.com/php/php-src/commit/ec10b28d64decbc54aa1e585dce580f0bd7a5953
 CVE-2023-0567 (In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3 ...)
 	- php8.2 <unfixed> (bug #1031368)
 	- php7.4 <removed>
@@ -4712,6 +4714,8 @@ CVE-2023-0567 (In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=81744
 	NOTE: Fixed in 8.2.3
 	NOTE: https://github.com/php/php-src/security/advisories/GHSA-7fj2-8x79-rjf4
+	NOTE: https://github.com/php/php-src/commit/c840f71524067aa474c00c3eacfb83bd860bfc8a
+	NOTE: https://github.com/php/php-src/commit/a92acbad873a05470af1a47cb785a18eadd827b5
 CVE-2022-48302 (The AMS module has a vulnerability of lacking permission verification  ...)
 	NOT-FOR-US: Huawei
 CVE-2022-48301 (The bundle management module lacks permission verification in some API ...)
@@ -66750,6 +66754,7 @@ CVE-2022-29974
 	RESERVED
 CVE-2022-29973 (relan exFAT 1.3.0 allows local users to obtain sensitive information ( ...)
 	- fuse-exfat <unfixed> (bug #1014538)
+	[bookworm] - fuse-exfat <no-dsa> (Minor issue)
 	[bullseye] - fuse-exfat <no-dsa> (Minor issue)
 	[buster] - fuse-exfat <no-dsa> (Minor issue)
 	[stretch] - fuse-exfat <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49fed8a1686e342b626042a40681de183464238a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/49fed8a1686e342b626042a40681de183464238a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230222/29f877d9/attachment.htm>

More information about the debian-security-tracker-commits mailing list