[Git][security-tracker-team/security-tracker][master] 2 commits: xrdp commit references

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jul 18 08:55:15 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7e3ce346 by Moritz Muehlenhoff at 2023-07-18T09:54:50+02:00
xrdp commit references

- - - - -
7027f2af by Moritz Muehlenhoff at 2023-07-18T09:54:50+02:00
requests fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6324,7 +6324,7 @@ CVE-2023-32685 (Kanboard is project management software that focuses on the Kanb
 	NOTE: https://github.com/kanboard/kanboard/security/advisories/GHSA-hjmw-gm82-r4gv
 CVE-2023-32681 (Requests is a HTTP library. Since Requests 2.3.0, Requests has been le ...)
 	{DLA-3456-1}
-	- requests <unfixed> (bug #1036693)
+	- requests 2.31.0+dfsg-1 (bug #1036693)
 	[bookworm] - requests <no-dsa> (Minor issue)
 	[bullseye] - requests <no-dsa> (Minor issue)
 	NOTE: https://github.com/psf/requests/security/advisories/GHSA-j8r2-6x86-q33q
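Review bot: On the changed line `- requests 2.31.0+dfsg-1 (bug #1036693)`, the entry now records the sid fix, but the only NOTE visible in this hunk points at the GHSA advisory, while bookworm and bullseye stay `<no-dsa>`. If no fixing-commit NOTE follows further down the entry, add one, as this push does for the xrdp entries, so a later backport to the stable suites has a patch to work from.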
@@ -111303,6 +111303,7 @@ CVE-2022-23493 (xrdp is an open source project which provides a graphical login
 	{DLA-3370-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-59wp-3wq6-jh5v
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/030db5524be7616967ae9e7d26b3d4477cf6082d
 CVE-2022-23492 (go-libp2p is the offical libp2p implementation in the Go programming l ...)
 	NOT-FOR-US: go-libp2p
 CVE-2022-23491 (Certifi is a curated collection of Root Certificates for validating th ...)
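Review bot: The NOTE added under CVE-2022-23493 is a bare commit URL, so the entry does not say whether it is the fixing commit, the introducing commit, or a related test change. Labelling it, for example `NOTE: Fixed by: <commit URL>`, would make its role explicit next to the advisory NOTE above it.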
@@ -111325,10 +111326,12 @@ CVE-2022-23484 (xrdp is an open source project which provides a graphical login
 	{DLA-3370-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-rqfx-5fv8-q9c6
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/c2c6efb1d377be6baaa4acbc9d3700490fe92887
 CVE-2022-23483 (xrdp is an open source project which provides a graphical login to rem ...)
 	{DLA-3370-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-38rw-9ch2-fcxq
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/35cca701c753db65d3c05b7ea4fff9bd09e76661
 CVE-2022-23482 (xrdp is an open source project which provides a graphical login to rem ...)
 	{DLA-3375-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
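Review bot: The two added NOTEs sit under CVE-2022-23484 and CVE-2022-23483, whose visible entries are identical apart from the GHSA id (same DLA-3370-1, same fixed version, same bug), so a swapped hash would not show up in review of this hunk. It is worth confirming each commit against the advisory it is placed under (GHSA-rqfx-5fv8-q9c6 and GHSA-38rw-9ch2-fcxq respectively) before the references are used for backports.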
@@ -111348,14 +111351,17 @@ CVE-2022-23479 (xrdp is an open source project which provides a graphical login
 	{DLA-3370-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-pgx2-3fjj-fqqh
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/60864014b733c10881c078048560858067fe5d0f
 CVE-2022-23478 (xrdp is an open source project which provides a graphical login to rem ...)
 	{DLA-3370-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-2f49-wwpm-78pj
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/6cb54a1c26b53617e1c79a0abc96d03c4add1eb8
 CVE-2022-23477 (xrdp is an open source project which provides a graphical login to rem ...)
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	[buster] - xrdp <not-affected> (Code not present)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hqw2-jx2c-wrr2
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/96afae1ec559f9befa1c222f92f0d982e410c864
 CVE-2022-23476 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
 	- ruby-nokogiri 1.13.10+dfsg-1
 	[bullseye] - ruby-nokogiri <not-affected> (Introduced in 1.13.8)
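Review bot: For CVE-2022-23477 the entry keeps `[buster] - xrdp <not-affected> (Code not present)`, and the added commit NOTE alone does not let a reader check that claim. A further NOTE naming the upstream commit or version that introduced the affected code would make the not-affected status verifiable from the entry itself; the additions for CVE-2022-23479 and CVE-2022-23478 in the same hunk need nothing comparable, since both carry DLA-3370-1.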
@@ -111383,6 +111389,7 @@ CVE-2022-23468 (xrdp is an open source project which provides a graphical login
 	{DLA-3370-1}
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-8c2f-mw8m-qpx6
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/43cf272b1138462c1bdfc48ef7e9142208194382
 CVE-2022-23467 (OpenRazer is an open source driver and user-space daemon to control Ra ...)
 	- openrazer 3.5.1+dfsg-1
 	[bullseye] - openrazer <no-dsa> (Minor issue)
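Review bot: The NOTE added under CVE-2022-23468 identifies the commit by hash only, and neither the line nor the commit message "xrdp commit references" says which upstream release or branch it belongs to, while the entry's fixed version is 0.9.21.1-1. Appending the upstream release in parentheses after the URL would tell anyone backporting whether the patch is expected to apply to that series as-is.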



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4a0e9dba76e7cf415a884a3d6b46bb661e5b4537...7027f2af78a427925b46b685d8610d2530a1c29b


More information about the debian-security-tracker-commits mailing list