[Git][security-tracker-team/security-tracker][master] Pinpoint upstream tag references for trafficserver issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a770fae by Salvatore Bonaccorso at 2023-06-16T20:36:54+02:00
Pinpoint upstream tag references for trafficserver issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -291,8 +291,8 @@ CVE-2023-33933 (Exposure of Sensitive Information to an Unauthorized Actor vulne
 	- trafficserver <unfixed>
 	NOTE: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
 	NOTE: https://github.com/apache/trafficserver/commit/867c48c1adf9e795c8d85c48d2d0f07f08aa87ec (master)
-	NOTE: https://github.com/apache/trafficserver/commit/726a79cb2f70fcbe0e2139aab3fe56930d3d8c27 (9.2.x)
-	NOTE: https://github.com/apache/trafficserver/commit/496fa2c4cbdf2b3d6c61760a3fb6675b74b549f0 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/726a79cb2f70fcbe0e2139aab3fe56930d3d8c27 (9.2.1-rc0)
+	NOTE: https://github.com/apache/trafficserver/commit/496fa2c4cbdf2b3d6c61760a3fb6675b74b549f0 (8.1.7)
 CVE-2023-33817 (hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerabil ...)
 	- hoteldruid <unfixed>
 	[bookworm] - hoteldruid <no-dsa> (Minor issue)
@@ -6217,8 +6217,8 @@ CVE-2023-30631 (Improper Input Validation vulnerability in Apache Software Found
 	- trafficserver <unfixed>
 	NOTE: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
 	NOTE: https://github.com/apache/trafficserver/commit/8d1ad1dfe4d0ee179029f37c7e8d4caab601cb7b (master)
-	NOTE: https://github.com/apache/trafficserver/commit/ee46128fc7099956145be2147e4ddad7fbc7299b (9.2.x)
-	NOTE: https://github.com/apache/trafficserver/commit/35dd3efde78a73aefa257e12b8fe78d6cd646ba0 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/ee46128fc7099956145be2147e4ddad7fbc7299b (9.2.1-rc0)
+	NOTE: https://github.com/apache/trafficserver/commit/35dd3efde78a73aefa257e12b8fe78d6cd646ba0 (8.1.7)
 CVE-2023-30630 (Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This  ...)
 	- dmidecode 3.5-1 (bug #1034483)
 	[bookworm] - dmidecode <no-dsa> (Minor issue)
@@ -36180,8 +36180,8 @@ CVE-2022-47184 (Exposure of Sensitive Information to an Unauthorized Actor vulne
 	- trafficserver <unfixed>
 	NOTE: https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs
 	NOTE: https://github.com/apache/trafficserver/commit/105af3ca30e59fbb89013e83a484a04559b4cf25 (master)
-	NOTE: https://github.com/apache/trafficserver/commit/c371b7b21a7e774f852af86b85c87d5d877a14bd (9.2.x)
-	NOTE: https://github.com/apache/trafficserver/commit/b49ae063632b1f40b9bd45aa66524924e2c26600 (8.1.x)
+	NOTE: https://github.com/apache/trafficserver/commit/c371b7b21a7e774f852af86b85c87d5d877a14bd (9.2.1-rc0)
+	NOTE: https://github.com/apache/trafficserver/commit/b49ae063632b1f40b9bd45aa66524924e2c26600 (8.1.7)
 CVE-2022-47183 (Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Blo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-47182



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a770fae1bcd3fd0ade7b3752d017c121fe2ef53

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a770fae1bcd3fd0ade7b3752d017c121fe2ef53
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230616/9dd0041d/attachment.htm>