[Git][security-tracker-team/security-tracker][master] Add one new temporary entry for spip issue fixed in 4.2.1, 4.1.8, 4.0.10 and 3.2.18
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 27 20:56:06 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
52954e89 by Salvatore Bonaccorso at 2023-02-27T21:55:23+01:00
Add one new temporary entry for spip issue fixed in 4.2.1, 4.1.8, 4.0.10 and 3.2.18
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7538,6 +7538,10 @@ CVE-2023-0481 (In RestEasy Reactive implementation of Quarkus the insecure File.
NOT-FOR-US: Quarkus
CVE-2023-0480
RESERVED
+CVE-2023-XXXX [remote code execution vulnerability in public and private spaces]
+ - spip <unfixed>
+ [buster] - spip 3.2.4-1+deb10u10
+ NOTE: https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-2-1-SPIP-4-1-8-SPIP-4-0-10-et.html
CVE-2023-XXXX [SQL injection, sanitization, and login bypass]
- spip 4.1.7+dfsg-1
[bullseye] - spip 3.2.11-3+deb11u6
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52954e898a633b03340d1968b86968610c3b9fc8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52954e898a633b03340d1968b86968610c3b9fc8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230227/d2bf65d6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list