[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-25824/mod-gnutls: buster postponed

Sylvain Beucler (@beuc) beuc at debian.org
Fri Mar 3 16:06:07 GMT 2023 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f2612ab by Sylvain Beucler at 2023-03-03T17:06:30+01:00
CVE-2023-25824/mod-gnutls: buster postponed

- - - - -
b44551f8 by Sylvain Beucler at 2023-03-03T17:06:32+01:00
CVE-2019-25072/tendermint-go-common: buster postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4404,6 +4404,7 @@ CVE-2023-25825 (ZoneMinder is a free, open source Closed-circuit television soft
 	NOTE: https://github.com/ZoneMinder/zoneminder/commit/e1028c1d7f23cc1e0941b7b37bb6ae5a04364308
 CVE-2023-25824 (Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions  ...)
 	- mod-gnutls <unfixed> (bug #942737)
+	[buster] - mod-gnutls <postponed> (Minor issue, DoS)
 	NOTE: https://github.com/airtower-luna/mod_gnutls/security/advisories/GHSA-6cfv-fvgm-7pc8
 	NOTE: https://github.com/airtower-luna/mod_gnutls/commit/d7eec4e598158ab6a98bf505354e84352f9715ec (mod_gnutls/0.12.1)
 CVE-2023-25823 (Gradio is an open-source Python library to build machine learning and  ...)
@@ -50415,6 +50416,7 @@ CVE-2020-36559 (Due to improper santization of user input, HTTPEngine.Handle all
 	NOT-FOR-US: aah framework
 CVE-2019-25072 (Due to support of Gzip compression in request bodies, as well as a lac ...)
 	- tendermint-go-common <removed>
+	[buster] - tendermint-go-common <postponed> (Limited support, minor issue, DoS)
 CVE-2018-25046 (Due to improper path santization, archives containing relative file pa ...)
 	NOT-FOR-US: GO code.cloudfoundry.org/archiver
 CVE-2017-20146 (Usage of the CORS handler may apply improper CORS headers, allowing th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9b235067f561ecba94443a9f842d31dc8f0f8284...b44551f87972d3cfb608a147869d72452f3e7a67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9b235067f561ecba94443a9f842d31dc8f0f8284...b44551f87972d3cfb608a147869d72452f3e7a67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230303/da72b7c2/attachment.htm>

More information about the debian-security-tracker-commits mailing list