[Git][security-tracker-team/security-tracker][master] osslsigncode CVEfied

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jul 3 21:23:55 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85b41a77 by Moritz Muehlenhoff at 2023-07-03T22:23:30+02:00
osslsigncode CVEfied

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,7 +29,8 @@ CVE-2023-36609 (The affected TBox RTUs run OpenVPN with root privileges and can
 CVE-2023-36608 (The affected TBox RTUs store hashed passwords using MD5 encryption, wh ...)
 	NOT-FOR-US: TBox
 CVE-2023-36377 (Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and befor ...)
-	TODO: check
+	- osslsigncode 2.3.0-1 (bug #1035875)
+	NOTE: https://github.com/mtrojnar/osslsigncode/releases/tag/2.3
 CVE-2023-36291 (Cross Site Scripting vulnerability in Maxsite CMS v.108.7 allows a rem ...)
 	NOT-FOR-US: Maxsite CMS
 CVE-2023-36262 (An issue in OBS Studio OBS-Studio v.29.1.2 allows a local attack to ob ...)
@@ -5400,10 +5401,6 @@ CVE-2023-2630 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/
 	NOT-FOR-US: pimcore
 CVE-2023-2629 (Improper Neutralization of Formula Elements in a CSV File in GitHub re ...)
 	NOT-FOR-US: pimcore
-CVE-2023-XXXX [several critical memory corruption vulnerabilities]
-	- osslsigncode 2.3.0-1 (bug #1035875)
-	NOTE: https://github.com/mtrojnar/osslsigncode/releases/tag/2.3
-	NOTE: CVE Request 1477401 pending (2023-06-20)
 CVE-2023-32573 (In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x thro ...)
 	- qt6-svg 6.4.2-2
 	- qtsvg-opensource-src 5.15.8-3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85b41a777233b66fa7a87c1fb781081d9572717a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85b41a777233b66fa7a87c1fb781081d9572717a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230703/60f442bb/attachment.htm>

More information about the debian-security-tracker-commits mailing list