[Git][security-tracker-team/security-tracker][master] automatic update

Sat Mar 4 20:10:50 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e2fa5346 by security tracker role at 2023-03-04T20:10:39+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2023-27604
+	RESERVED
+CVE-2023-27603
+	RESERVED
+CVE-2023-27602
+	RESERVED
+CVE-2023-1177
+	RESERVED
+CVE-2023-1176
+	RESERVED
+CVE-2023-1175 (Incorrect Calculation of Buffer Size in GitHub repository vim/vim prio ...)
+	TODO: check
+CVE-2022-4930
+	RESERVED
+CVE-2017-20181
+	RESERVED
+CVE-2017-20180
+	RESERVED
+CVE-2015-10095
+	RESERVED
+CVE-2015-10094
+	RESERVED
+CVE-2015-10093
+	RESERVED
+CVE-2015-10092
+	RESERVED
+CVE-2015-10091
+	RESERVED
+CVE-2015-10090
+	RESERVED
+CVE-2014-125092
+	RESERVED
+CVE-2006-10001
+	RESERVED
 CVE-2023-27601
 	RESERVED
 CVE-2023-27600
@@ -206,8 +240,8 @@ CVE-2021-4328 (A vulnerability has been found in 狮子鱼CMS and
 	TODO: check
 CVE-2020-36665
 	RESERVED
-CVE-2020-36664
-	RESERVED
+CVE-2020-36664 (A vulnerability has been found in Artesãos SEOTools up to 0.17.1  ...)
+	TODO: check
 CVE-2020-36663 (A vulnerability, which was classified as problematic, was found in Art ...)
 	TODO: check
 CVE-2023-27539
@@ -6387,7 +6421,7 @@ CVE-2023-25223
 CVE-2023-25222 (A heap-based buffer overflow vulnerability exits in GNU LibreDWG v0.12 ...)
 	- libredwg <itp> (bug #595191)
 CVE-2023-25221 (Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vuln ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/388
 	NOTE: https://github.com/strukturag/libde265/commit/857290982330e82d9e25d9d39527c6737021aa7d (v1.0.11)
@@ -7671,39 +7705,39 @@ CVE-2023-24760
 CVE-2023-24759
 	RESERVED
 CVE-2023-24758 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/383
 	NOTE: https://github.com/strukturag/libde265/commit/bfb6de155f9fb015d2904cb4ef07809f17995276 (v1.0.11)
 CVE-2023-24757 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/385
 	NOTE: https://github.com/strukturag/libde265/commit/48eb7dafe204b825b4a62948ed171a0cd3f1bda2 (v1.0.11)
 CVE-2023-24756 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/380
 	NOTE: https://github.com/strukturag/libde265/commit/48eb7dafe204b825b4a62948ed171a0cd3f1bda2 (v1.0.11)
 CVE-2023-24755 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/384
 	NOTE: https://github.com/strukturag/libde265/commit/48eb7dafe204b825b4a62948ed171a0cd3f1bda2 (v1.0.11)
 CVE-2023-24754 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/382
 	NOTE: https://github.com/strukturag/libde265/commit/bfb6de155f9fb015d2904cb4ef07809f17995276 (v1.0.11)
 CVE-2023-24753
 	RESERVED
 CVE-2023-24752 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/378
 	NOTE: https://github.com/strukturag/libde265/commit/052bacb2535cf0024042eefde58e48df2c778f7c (v1.0.11)
 CVE-2023-24751 (libde265 v1.0.10 was discovered to contain a NULL pointer dereference  ...)
-	{DSA-5346-1}
+	{DSA-5346-1 DLA-3352-1}
 	- libde265 1.0.11-1
 	NOTE: https://github.com/strukturag/libde265/issues/379
 	NOTE: https://github.com/strukturag/libde265/commit/7ea8e3cbb010bc02fa38419e87ed2281d7933850 (v1.0.11)
@@ -239207,7 +239241,7 @@ CVE-2019-19922 (kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.c
 	[buster] - linux 4.19.87-1
 	[stretch] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://git.kernel.org/linus/de53fd7aedb100f03e5d2231cfce0e4993282425
-CVE-2023-27561
+CVE-2023-27561 (runc through 1.1.4 has Incorrect Access Control leading to Escalation  ...)
 	- runc <unfixed>
 	NOTE: https://github.com/opencontainers/runc/issues/3751
 	NOTE: https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2fa53469782442bec04ef213239d261adf958e0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2fa53469782442bec04ef213239d261adf958e0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230304/07aa5e5e/attachment.htm>
