[Git][security-tracker-team/security-tracker][master] Add commit for fixing bouncycastle CVE-2023-33201
Bastien Roucariès (@rouca)
rouca at debian.org
Mon Jul 31 15:31:52 BST 2023
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f0bfb35f by Bastien Roucariès at 2023-07-31T14:31:27+00:00
Add commit for fixing bouncycastle CVE-2023-33201
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8175,6 +8175,7 @@ CVE-2023-33201 (Bouncy Castle For Java before 1.74 is affected by an LDAP inject
[bookworm] - bouncycastle <no-dsa> (Minor issue)
[bullseye] - bouncycastle <no-dsa> (Minor issue)
NOTE: https://github.com/bcgit/bc-java/wiki/CVE-2023-33201
+ NOTE: https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
CVE-2023-31729 (TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection.)
NOT-FOR-US: TOTOLINK
CVE-2023-2780 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0bfb35fa5d71a9a8185a05602d2c2839fc78740
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0bfb35fa5d71a9a8185a05602d2c2839fc78740
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230731/d9dcc1b5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list