[Git][security-tracker-team/security-tracker][master] new elfutils non issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jul 23 19:23:58 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c9f81492 by Moritz Muehlenhoff at 2023-07-23T20:23:33+02:00
new elfutils non issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3915,7 +3915,7 @@ CVE-2023-31469 (A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.
 CVE-2023-3326 (pam_krb5 authenticates a user by essentially running kinit with the pa ...)
 	- libpam-krb5 <unfixed> (unimportant)
 	NOTE: Documented shortcoming of Linux pam-krb
-	NOTE: https://www.openwall.com/lists/oss-security/2023/06/22/2	
+	NOTE: https://www.openwall.com/lists/oss-security/2023/06/22/2
 CVE-2023-3256 (Advantech R-SeeNet  versions 2.4.22  allows low-level users to access  ...)
 	NOT-FOR-US: Advantech R-SeeNet
 CVE-2023-36371 (An issue in the GDKfree component of MonetDB Server v11.45.17 and v11. ...)
@@ -154947,7 +154947,10 @@ CVE-2021-33296
 CVE-2021-33295 (Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before  ...)
 	NOT-FOR-US: Joplin Desktop App
 CVE-2021-33294 (In elfutils 0.183, an infinite loop was found in the function handle_s ...)
-	TODO: check
+	- elfutils 0.185-2 (unimportant)
+	NOTE: Hang in CLI tool, no security impact
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=27501
+	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=480b6fa3662ba8ffeee274bf0d37423413c01e55 (elfutils-0.184)
 CVE-2021-33293 (Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-b ...)
 	{DLA-2957-1}
 	[experimental] - libpano13 2.9.21~rc1+dfsg-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9f81492c4bbe1f3274de35aa10273acaffc8336

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9f81492c4bbe1f3274de35aa10273acaffc8336
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230723/750d49f3/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list