[Git][security-tracker-team/security-tracker][master] NFUs/k8s server side issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 16 08:28:31 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c57e4289 by Moritz Muehlenhoff at 2023-06-16T09:27:55+02:00
NFUs/k8s server side issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2023-2728
+	- kubernetes 1.20.5+really1.20.2-1
+	NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
+	NOTE: The source package itself it still vulnerable, but custom rebuilds are not really a usecase here
+CVE-2023-2727
+	- kubernetes 1.20.5+really1.20.2-1
+	NOTE: Server components no longer built since 1.20.5+really1.20.2-1, marking that as fixed version
+	NOTE: The source package itself it still vulnerable, but custom rebuilds are not really a usecase here
 CVE-2023-3276 (A vulnerability, which was classified as problematic, has been found i ...)
 	TODO: check
 CVE-2023-3275 (A vulnerability classified as critical was found in PHPGurukul Rail Pa ...)
@@ -286,7 +294,7 @@ CVE-2023-32301 (Discourse is an open source discussion platform. Prior to versio
 CVE-2023-32061 (Discourse is an open source discussion platform. Prior to version 3.0. ...)
 	NOT-FOR-US: Discourse
 CVE-2023-32032 (.NET and Visual Studio Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: .NET
 CVE-2023-32029 (Microsoft Excel Remote Code Execution Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2023-32022 (<div data-wrapper="true" style="font-family:'Segoe UI','Helvetica Neue ...)
@@ -23218,11 +23226,11 @@ CVE-2023-24940 (Windows Pragmatic General Multicast (PGM) Denial of Service Vuln
 CVE-2023-24939 (Server for NFS Denial of Service Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2023-24938 (Windows CryptoAPI  Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-24937 (Windows CryptoAPI  Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2023-24936 (.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnera ...)
-	TODO: check
+	NOT-FOR-US: .NET
 CVE-2023-24935 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2023-24934 (Microsoft Defender Security Feature Bypass Vulnerability)
@@ -23300,11 +23308,11 @@ CVE-2023-24899 (Windows Graphics Component Elevation of Privilege Vulnerability)
 CVE-2023-24898 (Windows SMB Denial of Service Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2023-24897 (.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerab ...)
-	TODO: check
+	NOT-FOR-US: .NET
 CVE-2023-24896
 	RESERVED
 CVE-2023-24895 (.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerab ...)
-	TODO: check
+	NOT-FOR-US: .NET
 CVE-2023-24894
 	RESERVED
 CVE-2023-24893 (Visual Studio Code Remote Code Execution Vulnerability)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c57e4289e0b7f9f5f9c1de25717121c48b791d33

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c57e4289e0b7f9f5f9c1de25717121c48b791d33
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230616/4b9f4f10/attachment.htm>

More information about the debian-security-tracker-commits mailing list