[Git][security-tracker-team/security-tracker][master] Add two new glpi issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 26 17:26:31 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c60df172 by Salvatore Bonaccorso at 2023-01-26T18:26:07+01:00
Add two new glpi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2423,7 +2423,9 @@ CVE-2023-23612 (OpenSearch is an open source distributed and RESTful search engi
 CVE-2023-23611 (LTI Consumer XBlock implements the consumer side of the LTI specificat ...)
 	NOT-FOR-US: LTI
 CVE-2023-23610 (GLPI is a Free Asset and IT Management Software package. Versions prio ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-6565-hm87-24hf
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-23609 (Contiki-NG is an open-source, cross-platform operating system for Next ...)
 	NOT-FOR-US: Contiki-NG
 CVE-2023-23608 (Spotipy is a light weight Python library for the Spotify Web API. In v ...)
@@ -5173,7 +5175,9 @@ CVE-2023-22727 (CakePHP is a development framework for PHP web apps. In affected
 CVE-2023-22726 (act is a project which allows for local running of github actions. The ...)
 	NOT-FOR-US: act
 CVE-2023-22725 (GLPI is a Free Asset and IT Management Software package. Versions 0.6. ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-f5g6-fxrw-pfj7
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-22724 (GLPI is a Free Asset and IT Management Software package. Versions prio ...)
 	TODO: check
 CVE-2023-22723



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c60df172e81d8c45cfb081878c3af83ea3581975

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c60df172e81d8c45cfb081878c3af83ea3581975
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230126/43ea48e0/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list