[Git][security-tracker-team/security-tracker][master] Track fixed version for two linux CVEs via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jul 1 19:32:49 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4857a006 by Salvatore Bonaccorso at 2023-07-01T20:32:17+02:00
Track fixed version for two linux CVEs via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -336,7 +336,7 @@ CVE-2023-3439 (A flaw was found in the MCTP protocol in the Linux kernel. The fu
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/b561275d633bcd8e0e8055ab86f1a13df75a0269 (5.18-rc5)
 CVE-2023-3390 (A use-after-free vulnerability was found in the Linux kernel's netfilt ...)
-	- linux <unfixed>
+	- linux 6.3.11-1
 	NOTE: https://git.kernel.org/linus/1240eb93f0616b21c675416516ff3d74798fdc97 (6.4-rc7)
 	NOTE: https://kernel.dance/#1240eb93f0616b21c675416516ff3d74798fdc97
 CVE-2023-3389 (A use-after-free vulnerability in the Linux Kernel io_uring subsystem  ...)
@@ -7333,7 +7333,7 @@ CVE-2023-2157 (A heap-based buffer overflow vulnerability was found in the Image
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/9a9896fce95d09e5e47b86baccbe1ce1a2fca76b (7.1.1-7)
 	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/7e4c992f148afc5b28111e540921d5b6e4e38673 (6.9.12-85)
 CVE-2023-2156 (A flaw was found in the networking subsystem of the Linux kernel withi ...)
-	- linux <unfixed>
+	- linux 6.3.11-1
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-547/
 	NOTE: https://www.interruptlabs.co.uk//articles/linux-ipv6-route-of-death



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4857a006b2c5418115240d23d1a5c629c292fa06

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4857a006b2c5418115240d23d1a5c629c292fa06
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230701/88c837bb/attachment.htm>

More information about the debian-security-tracker-commits mailing list