[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jan 5 11:19:55 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6117b5b6 by Moritz Muehlenhoff at 2023-01-05T12:19:30+01:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -114,6 +114,7 @@ CVE-2023-22603
RESERVED
CVE-2023-0054 (Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. ...)
- vim <unfixed>
+ [bullseye] - vim <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d
NOTE: https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731 (v9.0.1145)
CVE-2023-0053
@@ -121,15 +122,17 @@ CVE-2023-0053
CVE-2023-0052
RESERVED
CVE-2023-0051 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1 ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9
NOTE: https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4 (v9.0.1144)
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-0050
RESERVED
CVE-2023-0049 (Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9
NOTE: https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c (v9.0.1143)
+ NOTE: Crash in CLI tool, no security impact
CVE-2023-0048 (Code Injection in GitHub repository lirantal/daloradius prior to maste ...)
TODO: check
CVE-2023-0047
@@ -50510,6 +50513,7 @@ CVE-2022-31631
RESERVED
- php8.1 <unfixed>
- php7.4 <removed>
+ [bullseye] - php7.4 <postponed> (Minor issue, fix along in next update)
- php7.3 <removed>
NOTE: Fixed in 8.1.14
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=81740
=====================================
data/dsa-needed.txt
=====================================
@@ -61,6 +61,5 @@ sox
--
tiff
--
-trafficserver
- Maintainer asked for an update
+trafficserver (jmm)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6117b5b68cdcd692a13e4504487cadb48d2b8fb1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6117b5b68cdcd692a13e4504487cadb48d2b8fb1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230105/d412e32e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list