[Git][security-tracker-team/security-tracker][master] okio n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jul 14 15:39:24 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd212131 by Moritz Muehlenhoff at 2023-07-14T16:39:00+02:00
okio n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -246,7 +246,9 @@ CVE-2023-3640 [x86/mm: a per-cpu entry area leak was identified through the init
- linux <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2217523
CVE-2023-3635 (GzipSource does not handle an exception that might be raised when pars ...)
- TODO: check
+ - okio <not-affected> (Doesn't ship Kotlin variant yet)
+ NOTE: https://research.jfrog.com/vulnerabilities/okio-gzip-source-unhandled-exception-dos-xray-523195/
+ NOTE: https://github.com/square/okio/commit/81bce1a30af244550b0324597720e4799281da7b
CVE-2023-3596 (Where this vulnerability exists in the Rockwell Automation 1756-EN4* E ...)
NOT-FOR-US: Rockwell Automation
CVE-2023-3595 (Where this vulnerability exists in the Rockwell Automation 1756 EN2* a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd2121312adb99eab73d2c9fe8287edea55270b8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd2121312adb99eab73d2c9fe8287edea55270b8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230714/24235dc4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list