[Git][security-tracker-team/security-tracker][master] new zoneminder issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Feb 28 11:59:43 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fc3027e8 by Moritz Muehlenhoff at 2023-02-28T12:59:05+01:00
new zoneminder issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3107,21 +3107,42 @@ CVE-2023-26041 (Nextcloud Talk is a fully on-premises audio/video and chat commu
 CVE-2023-26040
 	RESERVED
 CVE-2023-26039 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-44q8-h2pw-cc9g
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/3bd58d8393fba06f17e013c33b3d44442e3e5be2
 CVE-2023-26038 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-wrx3-r8c4-r24w
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/6e417c28eac89664afa46b2fc1f7217622d0ef24
 CVE-2023-26037 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-65jp-2hj3-3733
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/4f4ddaab3f982890750594c471bd6b8f72d05dbd
 CVE-2023-26036 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h5m9-6jjc-cgmw
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/3268f95282d4f99d6cec3a6e0a83f341cf48166a
 CVE-2023-26035 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-72rg-h4vf-29gr
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/609b22a54d22229a278afe548a32a05a00fc8c13
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/6ffd2bda1c04ced6ce38bfe829de6e2bf23b7348
 CVE-2023-26034 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-222j-wh8m-xjrx
 CVE-2023-26033 (Gentoo soko is the code that powers packages.gentoo.org. Versions prio ...)
 	NOT-FOR-US: Gentoo soko
 CVE-2023-26032 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-6c72-q9mw-mwx9
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/decf3e307bdadc0a96ffb151d19f4a4605a7cc71
 CVE-2023-26031
 	RESERVED
 CVE-2023-0901 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
@@ -3659,7 +3680,12 @@ CVE-2023-25827
 CVE-2023-25826
 	RESERVED
 CVE-2023-25825 (ZoneMinder is a free, open source Closed-circuit television software a ...)
-	TODO: check
+	- zoneminder 1.36.33+dfsg1-1 (unimportant)
+	NOTE: Only supported for trusted users/behind auth
+	NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-68vf-g4qm-jr6v
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/4637eaf9ea530193e0897ec48899f5638bdd6d81
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/57bf25d39f12d620693f26068b8441b4f3f0b6c0
+	NOTE: https://github.com/ZoneMinder/zoneminder/commit/e1028c1d7f23cc1e0941b7b37bb6ae5a04364308
 CVE-2023-25824 (Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions  ...)
 	- mod-gnutls <unfixed> (bug #942737)
 	NOTE: https://github.com/airtower-luna/mod_gnutls/security/advisories/GHSA-6cfv-fvgm-7pc8



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc3027e8516c51366fa1d685ad700d551493c9ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fc3027e8516c51366fa1d685ad700d551493c9ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230228/339a65dc/attachment.htm>

More information about the debian-security-tracker-commits mailing list