[Git][security-tracker-team/security-tracker][master] 6 commits: Triage CVE-2023-37463 in cmark-gfm for buster LTS.

Chris Lamb (@lamby) lamby at debian.org
Sat Jul 15 16:46:19 BST 2023



Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9794bd15 by Chris Lamb at 2023-07-15T16:43:18+01:00
Triage CVE-2023-37463 in cmark-gfm for buster LTS.

- - - - -
025316fe by Chris Lamb at 2023-07-15T16:43:37+01:00
Triage CVE-2023-37463 in python-cmarkgfm for buster LTS.

- - - - -
35cb61b2 by Chris Lamb at 2023-07-15T16:43:50+01:00
Triage CVE-2023-37463 in r-cran-commonmark for buster LTS.

- - - - -
26a00594 by Chris Lamb at 2023-07-15T16:44:07+01:00
Triage CVE-2023-37463 in ruby-commonmarker for buster LTS.

- - - - -
7ef2835d by Chris Lamb at 2023-07-15T16:44:51+01:00
Triage CVE-2023-3648 & CVE-2023-3649 in wireshark for buster LTS.

- - - - -
c8742a8e by Chris Lamb at 2023-07-15T16:45:36+01:00
Triage CVE-2023-38197 in qtbase-opensource-src for buster LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -112,12 +112,14 @@ CVE-2023-3649 (iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial o
 	- wireshark 4.0.7-1 (bug #1041101)
 	[bookworm] - wireshark <no-dsa> (Minor issue)
 	[bullseye] - wireshark <no-dsa> (Minor issue)
+	[buster] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-22.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19164
 CVE-2023-3648 (Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14  ...)
 	- wireshark 4.0.7-1 (bug #1041101)
 	[bookworm] - wireshark <no-dsa> (Minor issue)
 	[bullseye] - wireshark <no-dsa> (Minor issue)
+	[buster] - wireshark <no-dsa> (Minor issue)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2023-21.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/19105
 CVE-2023-3514 (Improper Privilege Control in RazerCentralSerivce Named Pipe in Razer  ...)
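Review bot: The new `[buster]` line under CVE-2023-3649 records buster as affected, but that entry's description limits the iSCSI dissector crash to Wireshark 4.0.0 to 4.0.6, whereas CVE-2023-3648 just below also names 3.6.0 to 3.6.14. If the buster package does not carry the affected iSCSI code, `[buster] - wireshark <not-affected> (Vulnerable code not present)` would be the accurate state. If it does, a NOTE saying that versions outside the stated range were checked would save the next triager from repeating the work.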
@@ -212,15 +214,19 @@ CVE-2023-37463 (cmark-gfm is an extended version of the C reference implementati
 	- cmark-gfm <unfixed> (bug #1041097)
 	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
 	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
+	[buster] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed> (bug #1041098)
 	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
 	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
+	[buster] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed> (bug #1041099)
 	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
 	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
+	[buster] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed> (bug #1041100)
 	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
 	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
+	[buster] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5
 CVE-2023-37267 (Umbraco is a ASP.NET CMS. Under rare conditions a restart of Umbraco c ...)
 	NOT-FOR-US: Umbraco
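Review bot: All four added `[buster]` lines carry the same `<no-dsa> (Minor issue)` state, yet the entry's only NOTE is the GHSA advisory link and every package is still `<unfixed>`, so nothing in the entry identifies the upstream change to backport later. Suggest adding a NOTE with the fixing commit or fixed upstream version once it is known. Since the four lines edit one CVE entry for the same reason, they could also go in a single commit instead of four.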
@@ -279,6 +285,7 @@ CVE-2023-38197 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10,
 	- qtbase-opensource-src <unfixed> (bug #1041105)
 	[bookworm] - qtbase-opensource-src <no-dsa> (Minor issue)
 	[bullseye] - qtbase-opensource-src <no-dsa> (Minor issue)
+	[buster] - qtbase-opensource-src <no-dsa> (Minor issue)
 	- qt4-x11 <removed>
 	NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/488960
 CVE-2023-37568 (ELECOM wireless LAN routers WRC-1167GHBK-S v1.03 and earlier, and WRC- ...)
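Review bot: The added `[buster]` line covers qtbase-opensource-src only, while the next line, `- qt4-x11 <removed>`, states just the unstable status of qt4-x11. If buster still ships qt4-x11, it needs its own `[buster] - qt4-x11` line (no-dsa, not-affected or a fix) so that the LTS triage of CVE-2023-38197 is complete.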



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2172c314d144f7659d02a6866ef932a9208c6e24...c8742a8e57b2325244ba7f1823ef52f938ffa09a
