[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Feb 27 22:20:54 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d243c45b by Moritz Muehlenhoff at 2023-02-27T23:20:28+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1880,7 +1880,7 @@ CVE-2023-22342
 CVE-2023-22293
 	RESERVED
 CVE-2023-0996 (There is a vulnerability in the strided image data parsing code in the ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1032101)
 	NOTE: https://github.com/strukturag/libheif/pull/759
 	NOTE: https://govtech-csg.github.io/security-advisories/2023/02/24/CVE-2023-0996.html
 CVE-2023-0995 (Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bum ...)
@@ -4252,7 +4252,7 @@ CVE-2023-0779
 	RESERVED
 CVE-2023-0778
 	RESERVED
-	- libpod <unfixed>
+	- libpod <unfixed> (bug #1032099)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2168256
 	NOTE: https://github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8
 CVE-2023-25678
@@ -7599,7 +7599,7 @@ CVE-2023-0477
 CVE-2023-0476 (A LDAP injection vulnerability exists in Tenable.sc due to improper va ...)
 	NOT-FOR-US: Tenable
 CVE-2023-0475 (HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompressi ...)
-	- golang-github-hashicorp-go-getter <unfixed>
+	- golang-github-hashicorp-go-getter <unfixed> (bug #1032100)
 	NOTE: https://discuss.hashicorp.com/t/hcsec-2023-4-go-getter-vulnerable-to-denial-of-service-via-malicious-compressed-archive/50125
 CVE-2023-0474 (Use after free in GuestView in Google Chrome prior to 109.0.5414.119 a ...)
 	{DSA-5328-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d243c45b3c2fc3a660137b364f47018dc9c9719b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d243c45b3c2fc3a660137b364f47018dc9c9719b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230227/3ba84af7/attachment.htm>

More information about the debian-security-tracker-commits mailing list