[Git][security-tracker-team/security-tracker][master] new cjose issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b10cca7 by Moritz Muehlenhoff at 2023-07-16T10:49:06+02:00
new cjose issue

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,7 +63,9 @@ CVE-2023-37793 (WAYOS FBM-291W 19.09.11V was discovered to contain a buffer over
 CVE-2023-37472 (Knowage is an open source suite for business analytics. The applicatio ...)
 	NOT-FOR-US: Knowage
 CVE-2023-37464 (OpenIDC/cjose is a C library implementing the Javascript Object Signin ...)
-	TODO: check
+	- cjose <unfixed>
+	NOTE: https://github.com/OpenIDC/cjose/security/advisories/GHSA-3rhg-3gf2-6xgj
+	NOTE: https://github.com/OpenIDC/cjose/commit/7325e9a5e71e2fc0e350487ecac7d84acdf0ed5e
 CVE-2023-37462 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
 	NOT-FOR-US: XWiki
 CVE-2023-37268 (Warpgate is an SSH, HTTPS and MySQL bastion host for Linux that doesn' ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -14,6 +14,8 @@ If needed, specify the release by adding a slash after the name of the source pa
 --
 aom/oldstable
 --
+cjose
+--
 cinder/oldstable
 --
 iperf3 (aron)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b10cca708b547fc6f27d373e774609b064c1cd2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b10cca708b547fc6f27d373e774609b064c1cd2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230716/16dc5d30/attachment.htm>