[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 11 21:12:50 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
453e2719 by security tracker role at 2023-07-11T20:12:30+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,409 @@
+CVE-2023-3627 (Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/su ...)
+ TODO: check
+CVE-2023-3626 (A vulnerability, which was classified as critical, has been found in S ...)
+ TODO: check
+CVE-2023-3625 (A vulnerability classified as critical was found in Suncreate Mountain ...)
+ TODO: check
+CVE-2023-3624 (A vulnerability classified as critical has been found in Nesote Inout ...)
+ TODO: check
+CVE-2023-3623 (A vulnerability was found in Suncreate Mountain Flood Disaster Prevent ...)
+ TODO: check
+CVE-2023-3621 (A vulnerability was found in IBOS OA 4.5.5. It has been classified as ...)
+ TODO: check
+CVE-2023-3620 (Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarte ...)
+ TODO: check
+CVE-2023-3619 (A vulnerability was found in SourceCodester AC Repair and Services Sys ...)
+ TODO: check
+CVE-2023-3617 (A vulnerability was found in SourceCodester Best POS Management System ...)
+ TODO: check
+CVE-2023-37659 (xalpha v0.11.4 is vulnerable to Remote Command Execution (RCE).)
+ TODO: check
+CVE-2023-37658 (fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File ...)
+ TODO: check
+CVE-2023-37657 (TwoNav v2.0.28-20230624 is vulnerable to Cross Site Scripting (XSS).)
+ TODO: check
+CVE-2023-37656 (WebsiteGuide v0.2 is vulnerable to Remote Command Execution (RCE) via ...)
+ TODO: check
+CVE-2023-37597 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0 ...)
+ TODO: check
+CVE-2023-37596 (Cross Site Request Forgery (CSRF) vulnerability in issabel-pbx v.4.0.0 ...)
+ TODO: check
+CVE-2023-37391 (Cross-Site Request Forgery (CSRF) vulnerability in WPMobilePack.Com Wo ...)
+ TODO: check
+CVE-2023-37376 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
+ TODO: check
+CVE-2023-37375 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
+ TODO: check
+CVE-2023-37374 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
+ TODO: check
+CVE-2023-37280 (Pimcore Admin Classic Bundle provides a Backend UI for Pimcore based o ...)
+ TODO: check
+CVE-2023-37271 (RestrictedPython is a tool that helps to define a subset of the Python ...)
+ TODO: check
+CVE-2023-37248 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
+ TODO: check
+CVE-2023-37247 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
+ TODO: check
+CVE-2023-37246 (A vulnerability has been identified in Tecnomatix Plant Simulation V22 ...)
+ TODO: check
+CVE-2023-36884 (Microsoft is investigating reports of a series of remote code executio ...)
+ TODO: check
+CVE-2023-36874 (Windows Error Reporting Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-36872 (VP9 Video Extensions Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-36871 (Azure Active Directory Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-36868 (Azure Service Fabric on Windows Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-36867 (Visual Studio Code GitHub Pull Requests and Issues Extension Remote Co ...)
+ TODO: check
+CVE-2023-36825 (Decidim is a participatory democracy framework, written in Ruby on Rai ...)
+ TODO: check
+CVE-2023-36824 (Redis is an in-memory database that persists on disk. In Redit 7.0 pri ...)
+ TODO: check
+CVE-2023-36755 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36754 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36753 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36752 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36751 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36750 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36749 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36748 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36693 (Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez WP R ...)
+ TODO: check
+CVE-2023-36690 (Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS th ...)
+ TODO: check
+CVE-2023-36687 (Cross-Site Request Forgery (CSRF) vulnerability in Andrea Tarantini Me ...)
+ TODO: check
+CVE-2023-36538 (Improper access control in Zoom Rooms before version 5.15.0 may allow ...)
+ TODO: check
+CVE-2023-36537 (Improper privilege management in Zoom Rooms before version 5.14.5 may ...)
+ TODO: check
+CVE-2023-36536 (Untrusted search path in the installer for Zoom Rooms before version 5 ...)
+ TODO: check
+CVE-2023-36522 (Cross-Site Request Forgery (CSRF) vulnerability in WePupil Quiz Expert ...)
+ TODO: check
+CVE-2023-36521 (A vulnerability has been identified in SIMATIC MV540 H (All versions < ...)
+ TODO: check
+CVE-2023-36390 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36389 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36386 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2023-36293 (SQL injection vulnerability in wmanager v.1.0.7 and before allows a re ...)
+ TODO: check
+CVE-2023-36167 (An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute a ...)
+ TODO: check
+CVE-2023-36164 (An issue in MiniTool Partition Wizard ShadowMaker v.12.7 allows an att ...)
+ TODO: check
+CVE-2023-36163 (Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 ...)
+ TODO: check
+CVE-2023-35921 (A vulnerability has been identified in SIMATIC MV540 H (All versions < ...)
+ TODO: check
+CVE-2023-35920 (A vulnerability has been identified in SIMATIC MV540 H (All versions < ...)
+ TODO: check
+CVE-2023-35913 (Cross-Site Request Forgery (CSRF) vulnerability in OOPSpam OOPSpam Ant ...)
+ TODO: check
+CVE-2023-35780 (Cross-Site Request Forgery (CSRF) vulnerability in Andy Whalen Galleri ...)
+ TODO: check
+CVE-2023-35778 (Cross-Site Request Forgery (CSRF) vulnerability in Neha Goel Recent Po ...)
+ TODO: check
+CVE-2023-35773 (Cross-Site Request Forgery (CSRF) vulnerability in Danny Hearnah - Chu ...)
+ TODO: check
+CVE-2023-35374 (Paint 3D Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35373 (Mono Authenticode Validation Spoofing Vulnerability)
+ TODO: check
+CVE-2023-35367 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
+ TODO: check
+CVE-2023-35366 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
+ TODO: check
+CVE-2023-35365 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
+ TODO: check
+CVE-2023-35364 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35363 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35362 (Windows Clip Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35361 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35360 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35358 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35357 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35356 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35353 (Connected User Experiences and Telemetry Elevation of Privilege Vulner ...)
+ TODO: check
+CVE-2023-35352 (Windows Remote Desktop Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-35351 (Windows Active Directory Certificate Services (AD CS) Remote Code Exec ...)
+ TODO: check
+CVE-2023-35350 (Windows Active Directory Certificate Services (AD CS) Remote Code Exec ...)
+ TODO: check
+CVE-2023-35348 (Active Directory Federation Service Security Feature Bypass Vulnerabil ...)
+ TODO: check
+CVE-2023-35347 (Microsoft Install Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35346 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35345 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35344 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35343 (Windows Geolocation Service Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35342 (Windows Image Acquisition Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35341 (Microsoft DirectMusic Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-35340 (Windows CNG Key Isolation Service Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35339 (Windows CryptoAPI Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35338 (Windows Peer Name Resolution Protocol Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35337 (Win32k Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35336 (Windows MSHTML Platform Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-35335 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
+ TODO: check
+CVE-2023-35333 (MediaWiki PandocUpload Extension Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35332 (Windows Remote Desktop Protocol Security Feature Bypass)
+ TODO: check
+CVE-2023-35331 (Windows Local Security Authority (LSA) Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35330 (Windows Extended Negotiation Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35329 (Windows Authentication Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35328 (Windows Transaction Manager Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35326 (Windows CDP User Components Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-35325 (Windows Print Spooler Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-35324 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
+CVE-2023-35323 (Windows OLE Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35322 (Windows Deployment Services Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35321 (Windows Deployment Services Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35320 (Connected User Experiences and Telemetry Elevation of Privilege Vulner ...)
+ TODO: check
+CVE-2023-35319 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35318 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35317 (Windows Server Update Service (WSUS) Elevation of Privilege Vulnerabil ...)
+ TODO: check
+CVE-2023-35316 (Remote Procedure Call Runtime Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-35315 (Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerabil ...)
+ TODO: check
+CVE-2023-35314 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35313 (Windows Online Certificate Status Protocol (OCSP) SnapIn Remote Code E ...)
+ TODO: check
+CVE-2023-35312 (Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35311 (Microsoft Outlook Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-35310 (Windows DNS Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35309 (Microsoft Message Queuing Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35308 (Windows MSHTML Platform Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-35306 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
+CVE-2023-35305 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35304 (Windows Kernel Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-35303 (USB Audio Class System Driver Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35302 (Microsoft PostScript and PCL6 Class Printer Driver Remote Code Executi ...)
+ TODO: check
+CVE-2023-35300 (Remote Procedure Call Runtime Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-35299 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2023-35298 (HTTP.sys Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-35297 (Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulner ...)
+ TODO: check
+CVE-2023-35296 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
+CVE-2023-35091 (Cross-Site Request Forgery (CSRF) vulnerability in StoreApps Stock Man ...)
+ TODO: check
+CVE-2023-35047 (Cross-Site Request Forgery (CSRF) vulnerability in AREOI All Bootstrap ...)
+ TODO: check
+CVE-2023-35044 (Cross-Site Request Forgery (CSRF) vulnerability in Drew Phillips Secur ...)
+ TODO: check
+CVE-2023-34561 (A buffer overflow in the level parsing code of RobTop Games AB Geometr ...)
+ TODO: check
+CVE-2023-34185 (Cross-Site Request Forgery (CSRF) vulnerability in John Brien WordPres ...)
+ TODO: check
+CVE-2023-34119 (Insecure temporary file in the installer for Zoom Rooms before version ...)
+ TODO: check
+CVE-2023-34118 (Improper privilege management in Zoom Rooms before version 5.14.5 may ...)
+ TODO: check
+CVE-2023-34117 (Relative path traversal in the Zoom Client SDK before version 5.15.0 m ...)
+ TODO: check
+CVE-2023-34116 (Improper input validation in the Zoom Desktop Client for Windows befor ...)
+ TODO: check
+CVE-2023-34090 (Decidim is a participatory democracy framework, written in Ruby on Rai ...)
+ TODO: check
+CVE-2023-34089 (Decidim is a participatory democracy framework, written in Ruby on Rai ...)
+ TODO: check
+CVE-2023-34029 (Cross-Site Request Forgery (CSRF) vulnerability in Prem Tiwari Disable ...)
+ TODO: check
+CVE-2023-34015 (Cross-Site Request Forgery (CSRF) vulnerability in PI Websolution Cond ...)
+ TODO: check
+CVE-2023-33174 (Windows Cryptographic Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-33173 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33172 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33171 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
+ TODO: check
+CVE-2023-33170 (ASP.NET and Visual Studio Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-33169 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33168 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33167 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33166 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33165 (Microsoft SharePoint Server Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-33164 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-33163 (Windows Network Load Balancing Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33162 (Microsoft Excel Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-33161 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33160 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33159 (Microsoft SharePoint Server Spoofing Vulnerability)
+ TODO: check
+CVE-2023-33158 (Microsoft Excel Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33157 (Microsoft SharePoint Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33156 (Microsoft Defender Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-33155 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...)
+ TODO: check
+CVE-2023-33154 (Windows Partition Management Driver Elevation of Privilege Vulnerabili ...)
+ TODO: check
+CVE-2023-33153 (Microsoft Outlook Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33152 (Microsoft ActiveX Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33151 (Microsoft Outlook Spoofing Vulnerability)
+ TODO: check
+CVE-2023-33150 (Microsoft Office Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-33149 (Microsoft Office Graphics Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33148 (Microsoft Office Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-33134 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-33127 (.NET and Visual Studio Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-32693 (Decidim is a participatory democracy framework, written in Ruby on Rai ...)
+ TODO: check
+CVE-2023-32104 (Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurato ...)
+ TODO: check
+CVE-2023-32085 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
+CVE-2023-32084 (HTTP.sys Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-32083 (Microsoft Failover Cluster Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-32057 (Microsoft Message Queuing Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-32056 (Windows Server Update Service (WSUS) Elevation of Privilege Vulnerabil ...)
+ TODO: check
+CVE-2023-32055 (Active Template Library Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-32054 (Volume Shadow Copy Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-32053 (Windows Installer Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-32052 (Microsoft Power Apps Spoofing Vulnerability)
+ TODO: check
+CVE-2023-32051 (Raw Image Extension Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-32050 (Windows Installer Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-32049 (Windows SmartScreen Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-32047 (Paint 3D Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-32046 (Windows MSHTML Platform Elevation of Privilege Vulnerability)
+ TODO: check
+CVE-2023-32045 (Microsoft Message Queuing Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-32044 (Microsoft Message Queuing Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-32043 (Windows Remote Desktop Security Feature Bypass Vulnerability)
+ TODO: check
+CVE-2023-32042 (OLE Automation Information Disclosure Vulnerability)
+ TODO: check
+CVE-2023-32041 (Windows Update Orchestrator Service Information Disclosure Vulnerabili ...)
+ TODO: check
+CVE-2023-32040 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
+CVE-2023-32039 (Microsoft PostScript and PCL6 Class Printer Driver Information Disclos ...)
+ TODO: check
+CVE-2023-32038 (Microsoft ODBC Driver Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-32037 (Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerabi ...)
+ TODO: check
+CVE-2023-32035 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-32034 (Remote Procedure Call Runtime Denial of Service Vulnerability)
+ TODO: check
+CVE-2023-32033 (Microsoft Failover Cluster Remote Code Execution Vulnerability)
+ TODO: check
+CVE-2023-31818 (An issue found in Marukyu Line v.13.4.1 allows a remote attacker to ga ...)
+ TODO: check
+CVE-2023-31191 (DroneScout ds230 Remote ID receiver from BlueMark Innovations is affec ...)
+ TODO: check
+CVE-2023-31190 (DroneScout ds230 Remote ID receiver from BlueMark Innovations is affec ...)
+ TODO: check
+CVE-2023-2746 (The Rockwell Automation Enhanced HIM software contains an API that t ...)
+ TODO: check
+CVE-2023-29156 (DroneScout ds230 Remote ID receiver from BlueMark Innovationsis affect ...)
+ TODO: check
+CVE-2022-48521 (An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through ...)
+ TODO: check
CVE-2023-36543
- airflow <itp> (bug #819700)
CVE-2023-35908
@@ -1358,7 +1764,7 @@ CVE-2023-3355 (A NULL pointer dereference flaw was found in the Linux kernel's d
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d839f0811a31322c087a859c2b181e2383daa7be (6.3-rc1)
-CVE-2023-3354 [VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service]
+CVE-2023-3354 (A flaw was found in the QEMU built-in VNC server. When a client connec ...)
- qemu <unfixed>
[bookworm] - qemu <no-dsa> (Minor issue)
[bullseye] - qemu <no-dsa> (Minor issue)
@@ -2515,7 +2921,7 @@ CVE-2023-3291 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior t
[buster] - gpac <end-of-life> (EOL in buster LTS)
NOTE: https://huntr.dev/bounties/526954e6-8683-4697-bfa2-886c3204a1d5/
NOTE: https://github.com/gpac/gpac/commit/6a748ccc3f76ff10e3ae43014967ea4b0c088aaf
-CVE-2023-3269
+CVE-2023-3269 (A vulnerability exists in the memory management subsystem of the Linux ...)
{DSA-5448-1}
- linux 6.3.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -2887,7 +3293,7 @@ CVE-2023-32032 (.NET and Visual Studio Elevation of Privilege Vulnerability)
NOT-FOR-US: .NET
CVE-2023-32029 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2023-32022 (<div data-wrapper="true" style="font-family:'Segoe UI','Helvetica Neue ...)
+CVE-2023-32022 (Windows Server Service Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-32021 (Windows SMB Witness Service Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
@@ -3586,7 +3992,8 @@ CVE-2021-4344 (The Frontend File Manager plugin for WordPress is vulnerable to P
NOT-FOR-US: Frontend File Manager plugin for WordPress
CVE-2021-4343 (The Unauthenticated Account Creation plugin for WordPress is vulnerabl ...)
NOT-FOR-US: Unauthenticated Account Creation plugin for WordPress
-CVE-2021-4342 (Over 70 plugins and themes were vulnerable to Cross-Site Request Forge ...)
+CVE-2021-4342
+ REJECTED
NOT-FOR-US: WordPress plugins
CVE-2021-4341 (The uListing plugin for WordPress is vulnerable to authorization bypas ...)
NOT-FOR-US: uListing plugin for WordPress
@@ -3750,7 +4157,7 @@ CVE-2023-33530 (There is a command injection vulnerability in the Tenda G103 Gig
CVE-2023-33477 (In Harmonic NSG 9000-6G devices, an authenticated remote user can obta ...)
NOT-FOR-US: Harmonic NSG 9000-6G devices
CVE-2023-33460 (There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse functi ...)
- {DLA-3478-1}
+ {DLA-3492-1 DLA-3478-1}
- yajl 2.1.0-3.1 (bug #1039984)
[bookworm] - yajl <no-dsa> (Minor issue)
[bullseye] - yajl <no-dsa> (Minor issue)
@@ -3886,7 +4293,7 @@ CVE-2023-3111 (A use after free vulnerability was found in prepare_to_relocate i
NOTE: https://git.kernel.org/linus/85f02d6c856b9f3a0acf5219de6e32f58b9778eb (6.0-rc2)
CVE-2023-3109 (Cross-site Scripting (XSS) - Stored in GitHub repository admidio/admid ...)
NOT-FOR-US: admidio
-CVE-2023-3108
+CVE-2023-3108 (A flaw was found in the subsequent get_user_pages_fast in the Linux ke ...)
- linux 4.0.2-1
NOTE: https://git.kernel.org/linus/9399f0c51489ae8c16d6559b82a452fdc1895e91 (4.0-rc1)
CVE-2023-3066 (Incorrect Authorization vulnerability in Mobatime mobile application A ...)
@@ -9056,8 +9463,8 @@ CVE-2023-2074 (A vulnerability was found in Campcodes Online Traffic Offense Man
NOT-FOR-US: Campcodes Online Traffic Offense Management System
CVE-2023-2073 (A vulnerability was found in Campcodes Online Traffic Offense Manageme ...)
NOT-FOR-US: Campcodes Online Traffic Offense Management System
-CVE-2023-2072
- RESERVED
+CVE-2023-2072 (The Rockwell Automation PowerMonitor 1000 contains stored cross-site s ...)
+ TODO: check
CVE-2023-2071
RESERVED
CVE-2023-2070
@@ -10652,8 +11059,8 @@ CVE-2023-29986 (spring-boot-actuator-logview 0.2.13 allows Directory Traversal t
NOT-FOR-US: spring-boot-actuator-logview
CVE-2023-29985 (Sourcecodester Student Study Center Desk Management System v1.0 admin\ ...)
NOT-FOR-US: Sourcecodester
-CVE-2023-29984
- RESERVED
+CVE-2023-29984 (Null pointer dereference vulnerability exists in multiple vendors MFPs ...)
+ TODO: check
CVE-2023-29983 (Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8. ...)
NOT-FOR-US: Maximilian Vogt cmaps
CVE-2023-29982
@@ -12166,8 +12573,8 @@ CVE-2023-29408
RESERVED
CVE-2023-29407
RESERVED
-CVE-2023-29406
- RESERVED
+CVE-2023-29406 (The HTTP/1 client does not fully validate the contents of the Host hea ...)
+ TODO: check
CVE-2023-29405 (The go command may execute arbitrary code at build time when using cgo ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
@@ -12475,8 +12882,8 @@ CVE-2023-29349 (Microsoft ODBC and OLE DB Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-29348
RESERVED
-CVE-2023-29347
- RESERVED
+CVE-2023-29347 (Windows Admin Center Spoofing Vulnerability)
+ TODO: check
CVE-2023-29346 (NTFS Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-29345 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
@@ -13120,10 +13527,10 @@ CVE-2023-29132 (Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because
NOTE: https://irssi.org/security/irssi_sa_2023_03.txt
NOTE: https://github.com/irssi/irssi/pull/1456
NOTE: https://github.com/irssi/irssi/commit/c554a45738712219c066897b09a44d99afeb4240
-CVE-2023-29131
- RESERVED
-CVE-2023-29130
- RESERVED
+CVE-2023-29131 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
+ TODO: check
+CVE-2023-29130 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
+ TODO: check
CVE-2023-29129 (A vulnerability has been identified in Mendix SAML (Mendix 7 compatibl ...)
NOT-FOR-US: Siemens
CVE-2023-29128 (A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 ( ...)
@@ -13802,8 +14209,7 @@ CVE-2023-28935 (** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Speci
NOT-FOR-US: Apache UIMA UICC
CVE-2023-28744
RESERVED
-CVE-2023-1672 [Fix race condition when creating/rotating keys]
- RESERVED
+CVE-2023-1672 (A race condition exists in the Tang server functionality for key gener ...)
- tang 14-1 (bug #1038119)
[bookworm] - tang <no-dsa> (Minor issue)
[bullseye] - tang <no-dsa> (Minor issue)
@@ -17195,8 +17601,8 @@ CVE-2023-28003 (A CWE-613: Insufficient Session Expiration vulnerability exists
NOT-FOR-US: Schneider
CVE-2023-28002
RESERVED
-CVE-2023-28001
- RESERVED
+CVE-2023-28001 (An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 ...)
+ TODO: check
CVE-2023-28000 (An improper neutralization of special elements used in an OS command v ...)
NOT-FOR-US: FortiGuard
CVE-2023-27999 (An improper neutralization of special elements used in an OS command v ...)
@@ -20422,8 +20828,8 @@ CVE-2023-26863
RESERVED
CVE-2023-26862
RESERVED
-CVE-2023-26861
- RESERVED
+CVE-2023-26861 (SQL injection vulnerability found in PrestaShop vivawallet v.1.7.10 an ...)
+ TODO: check
CVE-2023-26860 (SQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and b ...)
NOT-FOR-US: PrestaShop Igbudget
CVE-2023-26859
@@ -23736,8 +24142,8 @@ CVE-2023-25708 (Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP V
NOT-FOR-US: WordPress plugin
CVE-2023-25707 (Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooki ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25706
- RESERVED
+CVE-2023-25706 (Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Rob ...)
+ TODO: check
CVE-2023-25705 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Go P ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25704 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mehj ...)
@@ -24189,8 +24595,8 @@ CVE-2023-25608
RESERVED
CVE-2023-25607
RESERVED
-CVE-2023-25606
- RESERVED
+CVE-2023-25606 (An improper limitation of a pathname to a restricted directory ('Path ...)
+ TODO: check
CVE-2023-25605 (A improper access control vulnerability in Fortinet FortiSOAR 7.3.0 - ...)
NOT-FOR-US: Fortinet
CVE-2023-25604
@@ -24770,8 +25176,8 @@ CVE-2023-25445
RESERVED
CVE-2023-25444
RESERVED
-CVE-2023-25443
- RESERVED
+CVE-2023-25443 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button ...)
+ TODO: check
CVE-2023-25442 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Marc ...)
NOT-FOR-US: WordPress plugin
CVE-2023-25441
@@ -26222,8 +26628,8 @@ CVE-2023-24883 (Microsoft PostScript and PCL6 Class Printer Driver Information D
NOT-FOR-US: Microsoft
CVE-2023-24882 (Microsoft OneDrive for Android Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2023-24881
- RESERVED
+CVE-2023-24881 (Microsoft Teams Information Disclosure Vulnerability)
+ TODO: check
CVE-2023-24880 (Windows SmartScreen Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-24879 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
@@ -27828,8 +28234,8 @@ CVE-2023-24419 (Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Fo
NOT-FOR-US: WordPress plugin
CVE-2023-24418 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-24417
- RESERVED
+CVE-2023-24417 (Cross-Site Request Forgery (CSRF) vulnerability in tiggersWelt.Net Wor ...)
+ TODO: check
CVE-2023-24416
RESERVED
CVE-2023-24415 (Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud ChatBo ...)
@@ -29439,8 +29845,8 @@ CVE-2023-23779 (Multiple improper neutralization of special elements used in an
NOT-FOR-US: FortiGuard
CVE-2023-23778 (A relative path traversal vulnerability [CWE-23] in FortiWeb version 7 ...)
NOT-FOR-US: FortiGuard
-CVE-2023-23777
- RESERVED
+CVE-2023-23777 (An improper neutralization of special elements used in an OS command ( ...)
+ TODO: check
CVE-2023-23776 (An exposure of sensitive information to an unauthorized actor [CWE-200 ...)
NOT-FOR-US: Fortinet
CVE-2023-23775
@@ -29576,8 +29982,8 @@ CVE-2023-23758
RESERVED
CVE-2023-23757
RESERVED
-CVE-2023-23756
- RESERVED
+CVE-2023-23756 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
CVE-2023-23755 (An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of ra ...)
NOT-FOR-US: Joomla!
CVE-2023-23754 (An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input ...)
@@ -29854,8 +30260,8 @@ CVE-2023-23673 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability i
NOT-FOR-US: WordPress plugin
CVE-2023-23672
RESERVED
-CVE-2023-23671
- RESERVED
+CVE-2023-23671 (Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider ...)
+ TODO: check
CVE-2023-23670 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Team ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23669
@@ -38330,8 +38736,8 @@ CVE-2023-21758 (Windows Internet Key Exchange (IKE) Extension Denial of Service
NOT-FOR-US: Microsoft
CVE-2023-21757 (Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerabil ...)
NOT-FOR-US: Microsoft
-CVE-2023-21756
- RESERVED
+CVE-2023-21756 (Windows Win32k Elevation of Privilege Vulnerability)
+ TODO: check
CVE-2023-21755 (Windows Kernel Elevation of Privilege Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-21754 (Windows Kernel Elevation of Privilege Vulnerability)
@@ -41585,8 +41991,8 @@ CVE-2023-21528 (Microsoft SQL Server Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-21527 (Windows iSCSI Service Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
-CVE-2023-21526
- RESERVED
+CVE-2023-21526 (Windows Netlogon Information Disclosure Vulnerability)
+ TODO: check
CVE-2023-21525 (Remote Procedure Call Runtime Denial of Service Vulnerability)
NOT-FOR-US: Microsoft
CVE-2023-21524 (Windows Local Security Authority (LSA) Elevation of Privilege Vulnerab ...)
@@ -49994,8 +50400,8 @@ CVE-2023-20577
RESERVED
CVE-2023-20576
RESERVED
-CVE-2023-20575
- RESERVED
+CVE-2023-20575 (A potential power side-channel vulnerability in some AMD processors ma ...)
+ TODO: check
CVE-2023-20574
RESERVED
CVE-2023-20573
@@ -59356,7 +59762,7 @@ CVE-2022-41066 (Microsoft Business Central Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2022-41065
RESERVED
-CVE-2022-41064 (.NET Framework Information Disclosure Vulnerability.)
+CVE-2022-41064 (.NET Framework Information Disclosure Vulnerability)
NOT-FOR-US: Microsoft
CVE-2022-41063 (Microsoft Excel Remote Code Execution Vulnerability)
NOT-FOR-US: Microsoft
@@ -70200,6 +70606,7 @@ CVE-2022-37028 (ISAMS 22.2.3.2 is prone to stored Cross-site Scripting (XSS) att
CVE-2022-37027 (Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject a ...)
NOT-FOR-US: Ahsay AhsayCBS
CVE-2022-37026 (In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before ...)
+ {DLA-3491-1}
- erlang 1:24.3.4.5+dfsg-1 (bug #1024632)
[bullseye] - erlang 1:23.2.6+dfsg-1+deb11u1
NOTE: https://erlangforums.com/t/otp-25-1-released/1854
@@ -84295,8 +84702,8 @@ CVE-2022-31812
RESERVED
CVE-2022-31811
RESERVED
-CVE-2022-31810
- RESERVED
+CVE-2022-31810 (A vulnerability has been identified in SiPass integrated (All versions ...)
+ TODO: check
CVE-2022-31809
RESERVED
CVE-2022-31808 (A vulnerability has been identified in SiPass integrated AC5102 (ACC-G ...)
@@ -91314,10 +91721,10 @@ CVE-2022-29564 (Jamf Private Access before 2022-05-16 has Incorrect Access Contr
NOT-FOR-US: Jamf
CVE-2022-29563
RESERVED
-CVE-2022-29562
- RESERVED
-CVE-2022-29561
- RESERVED
+CVE-2022-29562 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
+CVE-2022-29561 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
+ TODO: check
CVE-2022-29560 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versi ...)
NOT-FOR-US: RUGGEDCOM
CVE-2022-1426 (An issue has been discovered in GitLab affecting all versions starting ...)
@@ -105274,6 +105681,7 @@ CVE-2022-24797 (Pomerium is an identity-aware access proxy. In distributed servi
CVE-2022-24796 (RaspberryMatic is a free and open-source operating system for running ...)
NOT-FOR-US: RaspberryMatic
CVE-2022-24795 (yajl-ruby is a C binding to the YAJL JSON parsing and generation libra ...)
+ {DLA-3492-1}
- ruby-yajl 1.4.3-1 (bug #1014803)
[bullseye] - ruby-yajl <no-dsa> (Minor issue)
[buster] - ruby-yajl <no-dsa> (Minor issue)
@@ -106945,7 +107353,7 @@ CVE-2022-24289 (Hessian serialization is a network protocol that supports object
NOT-FOR-US: Apache Cayenne
CVE-2022-24288 (In Apache Airflow, prior to version 2.2.4, some example DAGs did not p ...)
- airflow <itp> (bug #819700)
-CVE-2022-24287 (A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier ...)
+CVE-2022-24287 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All version ...)
NOT-FOR-US: Siemens
CVE-2022-21799 (Cross-site scripting vulnerability in ELECOM LAN router WRC-300FEBK-R ...)
NOT-FOR-US: ELECOM
@@ -110198,8 +110606,8 @@ CVE-2022-23449 (A vulnerability has been identified in SIMATIC Energy Manager Ba
NOT-FOR-US: Siemens SIMATIC
CVE-2022-23448 (A vulnerability has been identified in SIMATIC Energy Manager Basic (A ...)
NOT-FOR-US: Siemens SIMATIC
-CVE-2022-23447
- RESERVED
+CVE-2022-23447 (An improper limitation of a pathname to a restricted directory ('Path ...)
+ TODO: check
CVE-2022-23446 (A improper control of a resource through its lifetime in Fortinet Fort ...)
NOT-FOR-US: Fortinet
CVE-2022-23445
@@ -114406,8 +114814,8 @@ CVE-2022-22304 (An improper neutralization of input during web page generation v
NOT-FOR-US: Fortinet
CVE-2022-22303 (An exposure of sensitive system information to an unauthorized control ...)
NOT-FOR-US: FortiGuard
-CVE-2022-22302
- RESERVED
+CVE-2022-22302 (A clear text storage of sensitive information (CWE-312) vulnerability ...)
+ TODO: check
CVE-2022-22301 (An improper neutralization of special elements used in an OS Command v ...)
NOT-FOR-US: FortiGuard
CVE-2022-22300 (A improper handling of insufficient permissions or privileges in Forti ...)
@@ -119813,11 +120221,11 @@ CVE-2021-44697 (Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlie
NOT-FOR-US: Adobe
CVE-2021-44696
RESERVED
-CVE-2021-44695 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
+CVE-2021-44695 (A vulnerability has been identified in SIMATIC Drive Controller CPU 15 ...)
NOT-FOR-US: Siemens
-CVE-2021-44694 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
+CVE-2021-44694 (A vulnerability has been identified in SIMATIC Drive Controller CPU 15 ...)
NOT-FOR-US: Siemens
-CVE-2021-44693 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
+CVE-2021-44693 (A vulnerability has been identified in SIMATIC Drive Controller CPU 15 ...)
NOT-FOR-US: Siemens
CVE-2021-4079 (Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 a ...)
{DSA-5046-1}
@@ -135276,7 +135684,7 @@ CVE-2021-40367
RESERVED
CVE-2021-40366 (A vulnerability has been identified in Climatix POL909 (AWB module) (A ...)
NOT-FOR-US: Siemens
-CVE-2021-40365 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
+CVE-2021-40365 (A vulnerability has been identified in SIMATIC Drive Controller CPU 15 ...)
NOT-FOR-US: Siemens
CVE-2021-40364 (A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All version ...)
NOT-FOR-US: Siemens
@@ -216955,8 +217363,8 @@ CVE-2020-20120 (ThinkPHP v3.2.3 and below contains a SQL injection vulnerability
NOT-FOR-US: ThinkPHP
CVE-2020-20119
RESERVED
-CVE-2020-20118
- RESERVED
+CVE-2020-20118 (Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows ...)
+ TODO: check
CVE-2020-20117
RESERVED
CVE-2020-20116
@@ -383032,7 +383440,7 @@ CVE-2017-16518
CVE-2017-16517
RESERVED
CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is suppl ...)
- {DLA-1167-1}
+ {DLA-3492-1 DLA-1167-1}
- ruby-yajl 1.2.0-3.1 (low; bug #880691)
[stretch] - ruby-yajl <no-dsa> (Minor issue)
[jessie] - ruby-yajl <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/453e271955fed4e2550b452de0f24e24f7839ae3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/453e271955fed4e2550b452de0f24e24f7839ae3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230711/5eebe305/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list