[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jun 23 16:14:02 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e2485968 by Moritz Muehlenhoff at 2023-06-23T17:13:33+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25,13 +25,13 @@ CVE-2023-35131 (Content on the groups page required additional sanitizing to pre
CVE-2023-34553 (An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attacke ...)
NOT-FOR-US: WAFU Keyless Smart Lock
CVE-2023-34462 (Netty is an asynchronous event-driven network application framework fo ...)
- - netty <unfixed>
+ - netty <unfixed> (bug #1038947)
[bookworm] - netty <postponed> (Minor issue, fix along in future update)
[bullseye] - netty <postponed> (Minor issue, fix along in future update)
NOTE: https://github.com/netty/netty/security/advisories/GHSA-6mjq-h674-j845
NOTE: https://github.com/netty/netty/commit/535da17e45201ae4278c0479e6162bb4127d4c32
CVE-2023-34110 (Flask-AppBuilder is an application development framework, built on top ...)
- - flask-appbuilder <unfixed>
+ - flask-appbuilder <unfixed> (bug #1038948)
NOTE: https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3
NOTE: https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626
CVE-2023-33299 (A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, ...)
@@ -1185,7 +1185,7 @@ CVE-2023-34334 (AMI BMC contains a vulnerability in the SPX REST API, where an a
NOT-FOR-US: AMI BMC
CVE-2023-34246 (Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to ...)
[experimental] - ruby-doorkeeper 5.6.6-1
- - ruby-doorkeeper <unfixed>
+ - ruby-doorkeeper <unfixed> (bug #1038950)
NOTE: https://github.com/doorkeeper-gem/doorkeeper/security/advisories/GHSA-7w2c-w47h-789w
NOTE: https://github.com/doorkeeper-gem/doorkeeper/issues/1589
NOTE: https://github.com/doorkeeper-gem/doorkeeper/pull/1646
@@ -1468,7 +1468,7 @@ CVE-2023-3142 (Cross-site Scripting (XSS) - Stored in GitHub repository microweb
CVE-2023-3140 (Missing HTTP headers (X-Frame-Options, Content-Security-Policy) in KNI ...)
NOT-FOR-US: KNIME Business Hub
CVE-2023-34237 (SABnzbd is an open source automated Usenet download tool. A design fla ...)
- - sabnzbdplus <unfixed>
+ - sabnzbdplus <unfixed> (bug #1038949)
NOTE: https://github.com/sabnzbd/sabnzbd/commit/422b4fce7bfd56e95a315be0400cdfdc585df7cc (4.0.2RC2)
NOTE: https://github.com/sabnzbd/sabnzbd/commit/e3a722664819d1c7c8fab97144cc299b1c18b429 (4.0.2RC2)
NOTE: https://github.com/sabnzbd/sabnzbd/security/advisories/GHSA-hhgh-xgh3-985r
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2485968a26afec7abc09305989d7b8765fe2b92
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2485968a26afec7abc09305989d7b8765fe2b92
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230623/951f02ba/attachment.htm>
More information about the debian-security-tracker-commits
mailing list