[Git][security-tracker-team/security-tracker][master] Track fixed version for two c-ares issues via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 23 22:09:15 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4e7ef3de by Salvatore Bonaccorso at 2023-06-23T23:08:28+02:00
Track fixed version for two c-ares issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5476,7 +5476,7 @@ CVE-2023-31148 (An Improper Input Validation vulnerability   in the Schweitzer E
 	NOT-FOR-US: Schweitzer Engineering Laboratories
 CVE-2023-31147 (c-ares is an asynchronous resolver library. When /dev/urandom or RtlGe ...)
 	[experimental] - c-ares 1.19.1-1
-	- c-ares <unfixed> (unimportant)
+	- c-ares 1.19.1-2 (unimportant)
 	NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2
 	NOTE: https://github.com/c-ares/c-ares/commit/823df3b989e59465d17b0a2eb1239a5fc048b4e5 (cares-1_19_1)
 	NOTE: Any Debian system/port provides /dev/urandom
@@ -5533,7 +5533,7 @@ CVE-2023-31125 (Engine.IO is the implementation of transport-based cross-browser
 	NOT-FOR-US: Engine.IO
 CVE-2023-31124 (c-ares is an asynchronous resolver library. When cross-compiling c-are ...)
 	[experimental] - c-ares 1.19.1-1
-	- c-ares <unfixed> (unimportant)
+	- c-ares 1.19.1-2 (unimportant)
 	NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4
 	NOTE: https://github.com/c-ares/c-ares/commit/c4930223e51d0e3dbfd8b2a814f4be2e269e2a9d (cares-1_19_1)
 	NOTE: No impact on binaries shipped by Debian



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e7ef3de229e35943495e137a298eccd5eeb3bdc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e7ef3de229e35943495e137a298eccd5eeb3bdc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230623/dcde5310/attachment.htm>

More information about the debian-security-tracker-commits mailing list