[Git][security-tracker-team/security-tracker][master] iperf3 CVEfied
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jul 18 11:44:22 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4ded1fe2 by Moritz Muehlenhoff at 2023-07-18T12:43:58+02:00
iperf3 CVEfied
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -75,7 +75,10 @@ CVE-2023-38405 (On Crestron 3-Series Control Systems before 1.8001.0187, craftin
CVE-2023-38404 (The XPRTLD web application in Veritas InfoScale Operations Manager (VI ...)
NOT-FOR-US: Veritas InfoScale
CVE-2023-38403 (iperf3 before 3.14 allows peers to cause an integer overflow and heap ...)
- TODO: check
+ {DSA-5455-1}
+ - iperf3 3.14-1 (bug #1040830)
+ NOTE: https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
+ NOTE: https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9 (3.14)
CVE-2023-37985 (Cross-Site Request Forgery (CSRF) vulnerability in FiveStarPlugins Res ...)
NOT-FOR-US: WordPress themes
CVE-2023-37974 (Cross-Site Request Forgery (CSRF) vulnerability in Justin Klein WP Soc ...)
@@ -1374,12 +1377,6 @@ CVE-2023-36543 (Apache Airflow, versions before 2.6.3, has a vulnerability where
- airflow <itp> (bug #819700)
CVE-2023-35908 (Apache Airflow, versions before 2.6.3, is affected by a vulnerability ...)
- airflow <itp> (bug #819700)
-CVE-2023-XXXX [ESNET-SECADV-2023-0001: iperf3 memory allocation hazard and crash]
- - iperf3 3.14-1 (bug #1040830)
- [bookworm] - iperf3 3.12-1+deb12u1
- [bullseye] - iperf3 3.9-1+deb11u1
- NOTE: https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
- NOTE: https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9 (3.14)
CVE-2023-3608 (A vulnerability was found in Ruijie BCR810W 2.5.10. It has been rated ...)
NOT-FOR-US: Ruijie
CVE-2023-3607 (A vulnerability was found in kodbox 1.26. It has been declared as crit ...)
=====================================
data/DSA/list
=====================================
@@ -1,4 +1,5 @@
[17 Jul 2023] DSA-5455-1 iperf3 - security update
+ {CVE-2023-38403}
[bullseye] - iperf3 3.9-1+deb11u1
[bookworm] - iperf3 3.12-1+deb12u1
[16 Jul 2023] DSA-5454-1 kanboard - security update
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ded1fe2bb8f3a736fe638321a675297cde89cfd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ded1fe2bb8f3a736fe638321a675297cde89cfd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230718/1e673236/attachment.htm>
More information about the debian-security-tracker-commits
mailing list