[Git][security-tracker-team/security-tracker][master] new yt-dlp issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
175c3bff by Moritz Muehlenhoff at 2023-07-07T15:23:00+02:00
new yt-dlp issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -109,7 +109,13 @@ CVE-2023-35948 (Novu provides an API for sending notifications through multiple
 CVE-2023-35937 (Metersphere is an open source continuous testing platform. In versions ...)
 	NOT-FOR-US: Metersphere
 CVE-2023-35934 (yt-dlp is a command-line program to download videos from video sites.  ...)
-	TODO: check
+	- yt-dlp <unfixed>
+	[bookworm] - yt-dlp <no-dsa> (Minor issue)
+	[bullseye] - yt-dlp <no-dsa> (Minor issue)
+	NOTE: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj
+	NOTE: https://github.com/yt-dlp/yt-dlp/commit/1ceb657bdd254ad961489e5060f2ccc7d556b729
+	NOTE: https://github.com/yt-dlp/yt-dlp/commit/3121512228487c9c690d3d39bfd2579addf96e07
+	NOTE: https://github.com/yt-dlp/yt-dlp/commit/f8b4bcc0a791274223723488bfbfc23ea3276641
 CVE-2023-34193 (File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated ...)
 	NOT-FOR-US: Zimbra
 CVE-2023-34192 (Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a rem ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/175c3bff7c860e7e95379fbb53b1e122bda8a2b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/175c3bff7c860e7e95379fbb53b1e122bda8a2b5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230707/7a09a0b2/attachment.htm>