[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jul 7 20:03:19 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
999187a6 by Moritz Muehlenhoff at 2023-07-07T21:02:48+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -113,7 +113,7 @@ CVE-2023-35948 (Novu provides an API for sending notifications through multiple
 CVE-2023-35937 (Metersphere is an open source continuous testing platform. In versions ...)
 	NOT-FOR-US: Metersphere
 CVE-2023-35934 (yt-dlp is a command-line program to download videos from video sites.  ...)
-	- yt-dlp <unfixed>
+	- yt-dlp <unfixed> (bug #1040595)
 	[bookworm] - yt-dlp <no-dsa> (Minor issue)
 	[bullseye] - yt-dlp <no-dsa> (Minor issue)
 	NOTE: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj
@@ -793,7 +793,7 @@ CVE-2023-34487 (itsourcecode Online Hotel Management System Project In PHP v1.0.
 CVE-2023-34486 (itsourcecode Online Hotel Management System Project In PHP v1.0.0 is v ...)
 	NOT-FOR-US: itsourcecode Online Hotel Management System Project
 CVE-2023-33466 (Orthanc before 1.12.0 allows authenticated users with access to the Or ...)
-	- orthanc <unfixed>
+	- orthanc <unfixed> (bug #1040597)
 	NOTE: https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568
 CVE-2023-33277 (The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and ...)
 	NOT-FOR-US: Gira Giersiepen Gira KNX/IP-Router
@@ -9489,7 +9489,7 @@ CVE-2023-30364
 CVE-2023-30363 (vConsole v3.15.0 was discovered to contain a prototype pollution due t ...)
 	NOT-FOR-US: Tencent vConsole
 CVE-2023-30362 (Buffer Overflow vulnerability in coap_send function in libcoap library ...)
-	- libcoap3 <unfixed>
+	- libcoap3 <unfixed> (bug #1040594)
 	[bookworm] - libcoap3 <no-dsa> (Minor issue)
 	NOTE: https://github.com/obgm/libcoap/issues/1063
 	NOTE: https://github.com/obgm/libcoap/commit/e242200f0af2a418dc9f69eee543feacc13cd851
@@ -9808,7 +9808,7 @@ CVE-2023-30209
 CVE-2023-30208
 	RESERVED
 CVE-2023-30207 (A divide by zero issue discovered in Kodi Home Theater Software 19.5 a ...)
-	- kodi <unfixed>
+	- kodi <unfixed> (bug #1040593)
 	[bookworm] - kodi <no-dsa> (Minor issue)
 	[bullseye] - kodi <no-dsa> (Minor issue)
 	NOTE: https://github.com/xbmc/xbmc/issues/22378
@@ -21972,7 +21972,7 @@ CVE-2023-26134 (Versions of the package git-commit-info before 2.0.2 are vulnera
 CVE-2023-26133 (All versions of the package progressbar.js are vulnerable to Prototype ...)
 	NOT-FOR-US: progressbar.js
 CVE-2023-26132 (Versions of the package dottie before 2.0.4 are vulnerable to Prototyp ...)
-	- node-dottie <unfixed>
+	- node-dottie <unfixed> (bug #1040592)
 	[bookworm] - node-dottie <no-dsa> (Minor issue)
 	[bullseye] - node-dottie <no-dsa> (Minor issue)
 	NOTE: https://security.snyk.io/vuln/SNYK-JS-DOTTIE-3332763



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/999187a68f74d68d881f38edd0cefa7ff2e3102a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/999187a68f74d68d881f38edd0cefa7ff2e3102a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230707/4d3c51e3/attachment.htm>

More information about the debian-security-tracker-commits mailing list