[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jan 18 19:04:48 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
601f784f by Moritz Muehlenhoff at 2023-01-18T20:04:26+01:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -374,7 +374,7 @@ CVE-2023-0331
RESERVED
CVE-2023-0330
RESERVED
- - qemu <unfixed>
+ - qemu <unfixed> (bug #1029155)
[bullseye] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2160151
NOTE: Proposed patch: https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html
@@ -2497,7 +2497,7 @@ CVE-2023-22897
CVE-2023-22896
RESERVED
CVE-2023-22895 (The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denia ...)
- - rust-bzip2 <unfixed>
+ - rust-bzip2 <unfixed> (bug #1029155)
[bullseye] - rust-bzip2 <no-dsa> (Minor issue)
[buster] - rust-bzip2 <no-dsa> (Minor issue)
NOTE: https://github.com/alexcrichton/bzip2-rs/pull/86
@@ -4271,7 +4271,7 @@ CVE-2023-22468
CVE-2023-22467 (Luxon is a library for working with dates and times in JavaScript. On ...)
NOT-FOR-US: Luxon
CVE-2023-22466 (Tokio is a runtime for writing applications with Rust. Starting with v ...)
- - rust-tokio <unfixed>
+ - rust-tokio <unfixed> (bug #1029155)
[bullseye] - rust-tokio <not-affected> (Only affects 1.7.0 and later)
NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0001.html
NOTE: https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7
@@ -5191,7 +5191,7 @@ CVE-2022-47951
RESERVED
CVE-2022-47950
RESERVED
- - swift <unfixed>
+ - swift <unfixed> (bug #1029154)
NOTE: https://www.openwall.com/lists/oss-security/2023/01/17/1
CVE-2022-47949 (The Nintendo NetworkBuffer class, as used in Animal Crossing: New Hori ...)
NOT-FOR-US: Animal Crossing
@@ -7332,9 +7332,9 @@ CVE-2023-21901
CVE-2023-21900 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
TODO: check
CVE-2023-21899 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- - virtualbox <unfixed>
+ - virtualbox <unfixed> (bug #1029153)
CVE-2023-21898 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- - virtualbox <unfixed>
+ - virtualbox <unfixed> (bug #1029153)
CVE-2023-21897
RESERVED
CVE-2023-21896
@@ -7352,51 +7352,51 @@ CVE-2023-21891 (Vulnerability in the Oracle Business Intelligence Enterprise Edi
CVE-2023-21890 (Vulnerability in the Oracle Communications Converged Application Serve ...)
TODO: check
CVE-2023-21889 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- - virtualbox <unfixed>
+ - virtualbox <unfixed> (bug #1029153)
CVE-2023-21888 (Vulnerability in the Primavera Gateway product of Oracle Construction ...)
TODO: check
CVE-2023-21887 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21886 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- - virtualbox <unfixed>
+ - virtualbox <unfixed> (bug #1029153)
CVE-2023-21885 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- - virtualbox <unfixed>
+ - virtualbox <unfixed> (bug #1029153)
CVE-2023-21884 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- - virtualbox <unfixed>
+ - virtualbox <unfixed> (bug #1029153)
CVE-2023-21883 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21882 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21881 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21880 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21879 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21878 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21877 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21876 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21875 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21874 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 8.0.31-1
CVE-2023-21873 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21872 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 8.0.30-1
CVE-2023-21871 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21870 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21869 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21868 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21867 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21866 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 8.0.29-1
CVE-2023-21865 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
@@ -7404,7 +7404,7 @@ CVE-2023-21865 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
CVE-2023-21864 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-8.0 8.0.31-1
CVE-2023-21863 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21862 (Vulnerability in the Oracle Web Services Manager product of Oracle Fus ...)
TODO: check
CVE-2023-21861 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
@@ -7461,7 +7461,7 @@ CVE-2023-21838 (Vulnerability in the Oracle WebLogic Server product of Oracle Fu
CVE-2023-21837 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
TODO: check
CVE-2023-21836 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 <unfixed>
+ - mysql-8.0 <unfixed> (bug #1029151)
CVE-2023-21835 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
- openjdk-11 <unfixed>
- openjdk-17 <unfixed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/601f784f735782503fd623e29cd262bdea7327dc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/601f784f735782503fd623e29cd262bdea7327dc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230118/42a0fe68/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list