[Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Feb 27 20:02:35 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9a9f9a19 by Moritz Muehlenhoff at 2023-02-27T21:02:03+01:00
bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7408,6 +7408,7 @@ CVE-2023-0483
CVE-2023-0482 (In RESTEasy the insecure File.createTempFile() is used in the DataSour ...)
- resteasy <unfixed> (bug #1031728)
- resteasy3.0 <unfixed> (bug #1031729)
+ [bookworm] - resteasy3.0 <no-dsa> (Minor issue)
[bullseye] - resteasy3.0 <no-dsa> (Minor issue)
[buster] - resteasy3.0 <no-dsa> (Minor issue)
NOTE: https://github.com/resteasy/resteasy/pull/3409/
@@ -82569,7 +82570,7 @@ CVE-2022-0676 (Heap-based Buffer Overflow in GitHub repository radareorg/radare2
NOTE: https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485
NOTE: https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6
CVE-2022-0675 (In certain situations it is possible for an unmanaged rule to exist on ...)
- - puppet-module-puppetlabs-firewall <unfixed> (bug #1006749)
+ - puppet-module-puppetlabs-firewall 3.4.0-1 (bug #1006749)
[bullseye] - puppet-module-puppetlabs-firewall <no-dsa> (Minor issue)
[buster] - puppet-module-puppetlabs-firewall <no-dsa> (Minor issue)
NOTE: https://github.com/puppetlabs/puppetlabs-firewall/pull/1030/commits/2c0047e09be82dd9e1aa4d93c0cb103f83d2a01e (3.4.0)
@@ -183489,6 +183490,7 @@ CVE-2020-25634 (A flaw was found in Red Hat 3scale’s API docs URL, where i
CVE-2020-25633 (A flaw was found in RESTEasy client in all versions of RESTEasy up to ...)
- resteasy <unfixed> (bug #970585)
- resteasy3.0 <unfixed> (bug #1014983)
+ [bookworm] - resteasy3.0 <ignored> (Minor issue)
[bullseye] - resteasy3.0 <ignored> (Minor issue)
[buster] - resteasy3.0 <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879042
@@ -205265,9 +205267,7 @@ CVE-2020-15710 (Potential double free in Bluez 5 module of PulseAudio could allo
NOTE: https://bugs.launchpad.net/ubuntu/%2Bsource/pulseaudio/%2Bbug/1884738
CVE-2020-15709 (Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20 ...)
{DLA-2339-1}
- - software-properties <unfixed> (bug #968850)
- [bullseye] - software-properties <no-dsa> (Minor issue)
- [buster] - software-properties <no-dsa> (Minor issue)
+ - software-properties <unfixed> (unimportant; bug #968850)
NOTE: https://www.openwall.com/lists/oss-security/2020/08/03/1
NOTE: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1890286
CVE-2020-15708 (Ubuntu's packaging of libvirt in 20.04 LTS created a control socket wi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a9f9a19f24d880c8c04b0cb7ddc12f7f6af04c0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a9f9a19f24d880c8c04b0cb7ddc12f7f6af04c0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230227/6be36f96/attachment.htm>
More information about the debian-security-tracker-commits
mailing list