[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-25824/mod-gnutls: buster postponed
Sylvain Beucler (@beuc)
beuc at debian.org
Fri Mar 3 16:06:07 GMT 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4f2612ab by Sylvain Beucler at 2023-03-03T17:06:30+01:00
CVE-2023-25824/mod-gnutls: buster postponed
- - - - -
b44551f8 by Sylvain Beucler at 2023-03-03T17:06:32+01:00
CVE-2019-25072/tendermint-go-common: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4404,6 +4404,7 @@ CVE-2023-25825 (ZoneMinder is a free, open source Closed-circuit television soft
NOTE: https://github.com/ZoneMinder/zoneminder/commit/e1028c1d7f23cc1e0941b7b37bb6ae5a04364308
CVE-2023-25824 (Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions ...)
- mod-gnutls <unfixed> (bug #942737)
+ [buster] - mod-gnutls <postponed> (Minor issue, DoS)
NOTE: https://github.com/airtower-luna/mod_gnutls/security/advisories/GHSA-6cfv-fvgm-7pc8
NOTE: https://github.com/airtower-luna/mod_gnutls/commit/d7eec4e598158ab6a98bf505354e84352f9715ec (mod_gnutls/0.12.1)
CVE-2023-25823 (Gradio is an open-source Python library to build machine learning and ...)
@@ -50415,6 +50416,7 @@ CVE-2020-36559 (Due to improper santization of user input, HTTPEngine.Handle all
NOT-FOR-US: aah framework
CVE-2019-25072 (Due to support of Gzip compression in request bodies, as well as a lac ...)
- tendermint-go-common <removed>
+ [buster] - tendermint-go-common <postponed> (Limited support, minor issue, DoS)
CVE-2018-25046 (Due to improper path santization, archives containing relative file pa ...)
NOT-FOR-US: GO code.cloudfoundry.org/archiver
CVE-2017-20146 (Usage of the CORS handler may apply improper CORS headers, allowing th ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9b235067f561ecba94443a9f842d31dc8f0f8284...b44551f87972d3cfb608a147869d72452f3e7a67
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9b235067f561ecba94443a9f842d31dc8f0f8284...b44551f87972d3cfb608a147869d72452f3e7a67
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230303/da72b7c2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list