[Git][security-tracker-team/security-tracker][master] lts: CVE-2023-30571/libarchive no-dsa on buster
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Fri Jun 2 10:13:17 BST 2023
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
393e8cd9 by Emilio Pozuelo Monfort at 2023-06-02T11:10:18+02:00
lts: CVE-2023-30571/libarchive no-dsa on buster
Issue is very hard to exploit on realistic scenarios.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4748,6 +4748,7 @@ CVE-2023-30572
RESERVED
CVE-2023-30571 (Libarchive through 3.6.2 can cause directories to have world-writable ...)
- libarchive <unfixed>
+ [buster] - libarchive <no-dsa> (Minor issue)
NOTE: https://github.com/libarchive/libarchive/issues/1876
CVE-2023-29504
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/393e8cd95db958b47b2d777f7689857c5ce757ed
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/393e8cd95db958b47b2d777f7689857c5ce757ed
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230602/cc9cc802/attachment.htm>
More information about the debian-security-tracker-commits
mailing list