[Git][security-tracker-team/security-tracker][master] Add info for CVE-2023-24056/pkgconf
Andrej Shadura (@andrewsh)
andrewsh at debian.org
Sun Jan 22 11:18:04 GMT 2023
Andrej Shadura pushed to branch master at Debian Security Tracker / security-tracker
Commits:
874f66ca by Andrej Shadura at 2023-01-22T12:17:45+01:00
Add info for CVE-2023-24056/pkgconf
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,7 +35,9 @@ CVE-2023-24058 (Booked Scheduler 2.5.5 allows authenticated users to create and
CVE-2023-24057
RESERVED
CVE-2023-24056 (In pkgconf through 1.9.3, variable duplication can cause unbounded str ...)
- TODO: check
+ - pkgconf 1.8.1-1
+ NOTE: https://gitea.treehouse.systems/ariadne/pkgconf/commit/81cc9b3e6dafcdd02579bcccec6ac47d91e5d023
+ NOTE: https://nullprogram.com/blog/2023/01/18/
CVE-2023-24055 (** DISPUTED ** KeePass through 2.53 (in a default installation) allows ...)
TODO: check
CVE-2023-0434 (Improper Input Validation in GitHub repository pyload/pyload prior to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/874f66cac1f6f50d6f6e010826f3804fe0c203ca
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/874f66cac1f6f50d6f6e010826f3804fe0c203ca
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230122/9212bcb9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list