[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Mar 10 19:18:21 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a9780b83 by Moritz Muehlenhoff at 2023-03-10T20:17:49+01:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2580,28 +2580,28 @@ CVE-2023-27121
CVE-2023-27120
RESERVED
CVE-2023-27119 (WebAssembly v1.0.29 was discovered to contain a segmentation fault via ...)
- - wabt <unfixed> (unimportant)
+ - wabt <unfixed> (unimportant; bug #1032669)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/WebAssembly/wabt/issues/1990
CVE-2023-27118
RESERVED
CVE-2023-27117 (WebAssembly v1.0.29 was discovered to contain a heap overflow via the ...)
- - wabt <unfixed> (unimportant)
+ - wabt <unfixed> (unimportant; bug #1032669)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/WebAssembly/wabt/issues/1989
CVE-2023-27116 (WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleT ...)
- - wabt <unfixed> (unimportant)
+ - wabt <unfixed> (unimportant; bug #1032669)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/WebAssembly/wabt/issues/1984
NOTE: https://github.com/WebAssembly/wabt/pull/2119
NOTE: https://github.com/WebAssembly/wabt/commit/8a7b7497bdf78f9099f8d5a3a2c9bde87ddd52da
CVE-2023-27115 (WebAssembly v1.0.29 was discovered to contain a segmentation fault via ...)
- - wabt <unfixed> (unimportant)
+ - wabt <unfixed> (unimportant; bug #1032669)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/WebAssembly/wabt/issues/1938
NOTE: https://github.com/WebAssembly/wabt/issues/1992
CVE-2023-27114 (radare2 v5.8.3 was discovered to contain a segmentation fault via the ...)
- - radare2 <unfixed>
+ - radare2 <unfixed> (bug #1032667)
NOTE: https://github.com/radareorg/radare2/issues/21363
NOTE: https://github.com/radareorg/radare2/commit/13308c9aad79f9c7a3507ce549fe270103e8ceea
CVE-2023-27113
@@ -14154,7 +14154,7 @@ CVE-2023-0198
CVE-2023-0197
RESERVED
CVE-2023-0196 (NVIDIA CUDA Toolkit SDK contains a bug in cuobjdump, where a local use ...)
- - nvidia-cuda-toolkit <unfixed>
+ - nvidia-cuda-toolkit <unfixed> (bug #1032668)
[bullseye] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5446
CVE-2023-0195
@@ -14163,7 +14163,7 @@ CVE-2023-0194
RESERVED
CVE-2023-0193
RESERVED
- - nvidia-cuda-toolkit <unfixed>
+ - nvidia-cuda-toolkit <unfixed> (bug #1032668)
[bullseye] - nvidia-cuda-toolkit <no-dsa> (Non-free not supported)
NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5446
CVE-2023-0192
@@ -126309,7 +126309,7 @@ CVE-2021-36491
CVE-2021-36490
RESERVED
CVE-2021-36489 (Buffer Overflow vulnerability in Allegro through 5.2.6 allows attacker ...)
- - allegro4.4 <unfixed>
+ - allegro4.4 <unfixed> (bug #1032670)
- allegro5 2:5.2.8.0+dfsg-1
[bullseye] - allegro5 <no-dsa> (Minor issue)
NOTE: https://github.com/liballeg/allegro5/issues/1251
@@ -133889,7 +133889,7 @@ CVE-2021-33393 (lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfi
CVE-2021-33392
RESERVED
CVE-2021-33391 (An issue in HTACG HTML Tidy v5.7.28 allows attacker to execute arbitra ...)
- - tidy-html5 <unfixed>
+ - tidy-html5 <unfixed> (bug #1032665)
[bullseye] - tidy-html5 <no-dsa> (Minor issue)
NOTE: https://github.com/htacg/tidy-html5/issues/946
NOTE: https://github.com/htacg/tidy-html5/commit/efa61528aa500a1efbd2768121820742d3bb709b
@@ -133940,7 +133940,7 @@ CVE-2021-33369
CVE-2021-33368
RESERVED
CVE-2021-33367 (Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to ...)
- - freeimage <unfixed>
+ - freeimage <unfixed> (bug #1032666)
[bookworm] - freeimage <no-dsa> (Minor issue)
[bullseye] - freeimage <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/freeimage/discussion/36109/thread/1a4db03d58/
@@ -135336,7 +135336,7 @@ CVE-2021-32823 (In the bindata RubyGem before version 2.4.10 there is a potentia
CVE-2021-32822 (The npm hbs package is an Express view engine wrapper for Handlebars. ...)
NOT-FOR-US: Node hbs
CVE-2021-32821 (MooTools is a collection of JavaScript utilities for JavaScript develo ...)
- - mootols <unfixed>
+ - mootols <unfixed> (bug #1032664)
NOTE: https://securitylab.github.com/advisories/GHSL-2020-345-redos-mootools/
CVE-2021-32820 (Express-handlebars is a Handlebars view engine for Express. Express-ha ...)
NOT-FOR-US: Express-handlebars
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9780b83ea9b7efd0b49126113d4fff16484f0f4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9780b83ea9b7efd0b49126113d4fff16484f0f4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230310/e7f251bb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list