[Git][security-tracker-team/security-tracker][master] Process some CVEs for mattermost

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 17 06:35:44 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5b7085cf by Salvatore Bonaccorso at 2023-06-17T07:34:19+02:00
Process some CVEs for mattermost

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -33,27 +33,27 @@ CVE-2023-33306 (A null pointer dereference in Fortinet FortiOS before 7.2.5,  be
 CVE-2023-2918
 	REJECTED
 CVE-2023-2831 (Mattermost fails to unescape Markdown strings in a memory-efficient wa ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2797 (Mattermost fails to sanitize code permalinks, allowing an attacker to  ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2793 (Mattermost fails to validate links on external websites when construct ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2792 (Mattermost fails to sanitize ephemeral error messages, allowing an att ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2791 (When creating a playbook run via the /dialog API, Mattermost fails to  ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2788 (Mattermost fails to check if an admin user account active after an oau ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2787 (Mattermost fails to check channel membership when accessing message th ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2786 (Mattermost fails to properly check thepermissions when executing comma ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2785 (Mattermost fails to properly truncate the postgres error log message o ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2784 (Mattermost fails to verify if the requestor is a sysadmin or not, befo ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-2783 (Mattermost Apps Framework fails to verify that a secret provided in th ...)
-	TODO: check
+	- mattermost-server <itp> (bug #823556)
 CVE-2023-3291 (Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2 ...)
 	TODO: check
 CVE-2023-3268 (An out of bounds (OOB) memory access flaw was found in the Linux kerne ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b7085cfcccc5213c37328c06d1fd176b9de7b90

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b7085cfcccc5213c37328c06d1fd176b9de7b90
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230617/2e89cba1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list