[Git][security-tracker-team/security-tracker][master] Add CVE-2023-32665, CVE-2023-32611 and CVE-2023-29499
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 7 19:53:48 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b56042ec by Salvatore Bonaccorso at 2023-06-07T20:52:58+02:00
Add CVE-2023-32665, CVE-2023-32611 and CVE-2023-29499
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8188,6 +8188,24 @@ CVE-2013-10024 (A vulnerability has been found in Exit Strategy Plugin 1.55 and
NOT-FOR-US: WordPress plugin
CVE-2012-10010 (A vulnerability was found in BestWebSoft Contact Form 3.21. It has bee ...)
NOT-FOR-US: WordPress plugin
+CVE-2023-32665 [GVariant deserialisation does not match spec for non-normal data]
+ - glib2.0 2.74.4-1
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2121
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
+ NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+CVE-2023-32611 [g_variant_byteswap() can take a long time with some non-normal inputs]
+ - glib2.0 2.74.4-1
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2797
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
+ NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
+CVE-2023-29499 [GVariant offset table entry size is not checked in is_normal()]
+ - glib2.0 2.74.4-1
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2794
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3125
+ NOTE: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3126
+ NOTE: Merge commit for glib-2-74: https://gitlab.gnome.org/GNOME/glib/-/commit/e16fb83755e08a4c2da2b0a8ea0fc2e27b1154bf (2.74.4)
CVE-2023-29493
RESERVED
CVE-2023-29492 (Novi Survey before 8.9.43676 allows remote attackers to execute arbitr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56042ec48ddf17d2e8a3fb92139131551acd330
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56042ec48ddf17d2e8a3fb92139131551acd330
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230607/a29a7512/attachment.htm>
More information about the debian-security-tracker-commits
mailing list