[Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-34411/rust-xml-rs

Tue Jun 13 22:01:18 BST 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c17cc2cf by Salvatore Bonaccorso at 2023-06-13T23:00:32+02:00
Update information on CVE-2023-34411/rust-xml-rs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -974,9 +974,10 @@ CVE-2023-3097 (A vulnerability was found in KylinSoft kylin-software-properties
 CVE-2023-3096 (A vulnerability was found in KylinSoft kylin-software-properties on Ky ...)
 	NOT-FOR-US: KylinSoft
 CVE-2023-34411 (The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of se ...)
-	- rust-xml-rs <unfixed>
+	- rust-xml-rs <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/netvl/xml-rs/pull/226
-	NOTE: https://github.com/netvl/xml-rs/commit/c09549a187e62d39d40467f129e64abf32efc35c (0.8.14)
+	NOTE: Introduced by: https://github.com/netvl/xml-rs/commit/014d808be900c85a0afc5ccdfe668be040d175aa (0.8.9)
+	NOTE: Fixed by: https://github.com/netvl/xml-rs/commit/c09549a187e62d39d40467f129e64abf32efc35c (0.8.14)
 CVE-2023-34410 (An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6. ...)
 	- qt6-base 6.4.2+dfsg-11 (bug #1037209)
 	- qtbase-opensource-src 5.15.8+dfsg-12 (bug #1037210)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c17cc2cfdca61e5c8f0d7dc8cd2625b89371226b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c17cc2cfdca61e5c8f0d7dc8cd2625b89371226b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230613/cfe48725/attachment.htm>
