[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Mar 25 20:10:42 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
81244eb1 by security tracker role at 2023-03-25T20:10:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2023-1636
+ RESERVED
+CVE-2023-1635 (A vulnerability was found in OTCMS 6.72. It has been declared as probl ...)
+ TODO: check
+CVE-2023-1634 (A vulnerability was found in OTCMS 6.72. It has been classified as cri ...)
+ TODO: check
+CVE-2023-1633
+ RESERVED
+CVE-2023-1632 (A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and c ...)
+ TODO: check
+CVE-2023-1631 (A vulnerability, which was classified as problematic, was found in Jia ...)
+ TODO: check
+CVE-2023-1630 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2023-1629 (A vulnerability classified as critical was found in Jianming Antivirus ...)
+ TODO: check
+CVE-2023-1628 (A vulnerability classified as problematic has been found in Jianming A ...)
+ TODO: check
+CVE-2023-1627 (A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has ...)
+ TODO: check
+CVE-2023-1626 (A vulnerability was found in Jianming Antivirus 16.2.2022.418. It has ...)
+ TODO: check
CVE-2023-28857
RESERVED
CVE-2023-28856
@@ -69,6 +91,7 @@ CVE-2023-22325
CVE-2023-22308
RESERVED
CVE-2023-1625 [information leak in API]
+ RESERVED
[experimental] - heat 1:20.0.0~rc1-1
- heat <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2181621
@@ -95,10 +118,10 @@ CVE-2023-1616 (A vulnerability was found in XiaoBingBy TeaCMS up to 2.0.2. It ha
CVE-2020-36691 (An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c a ...)
- linux 5.8.7-1
NOTE: https://git.kernel.org/linus/7690aa1cdf7c4565ad6b013b324c28b685505e24 (5.8-rc1)
-CVE-2016-15030
- RESERVED
-CVE-2015-10097
- RESERVED
+CVE-2016-15030 (A vulnerability classified as problematic has been found in Arno0x Two ...)
+ TODO: check
+CVE-2015-10097 (A vulnerability was found in grinnellplans-php up to 3.0. It has been ...)
+ TODO: check
CVE-2023-28821
RESERVED
CVE-2023-28820
@@ -340,8 +363,7 @@ CVE-2023-28731
RESERVED
CVE-2023-27882
RESERVED
-CVE-2023-1583
- RESERVED
+CVE-2023-1583 (A NULL pointer dereference was found in io_file_bitmap_get in io_uring ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
@@ -1335,16 +1357,16 @@ CVE-2023-28466 (do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel thro
NOTE: https://git.kernel.org/linus/49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962
CVE-2023-28449
RESERVED
-CVE-2023-28448
- RESERVED
+CVE-2023-28448 (Versionize is a framework for version tolerant serializion/deserializa ...)
+ TODO: check
CVE-2023-28447
RESERVED
-CVE-2023-28446
- RESERVED
+CVE-2023-28446 (Deno is a simple, modern and secure runtime for JavaScript and TypeScr ...)
+ TODO: check
CVE-2023-28445 (Deno is a runtime for JavaScript and TypeScript that uses V8 and is bu ...)
NOT-FOR-US: Deno
-CVE-2023-28444
- RESERVED
+CVE-2023-28444 (angular-server-side-configuration helps configure an angular applicati ...)
+ TODO: check
CVE-2023-28443 (Directus is a real-time API and App dashboard for managing SQL databas ...)
NOT-FOR-US: Directus
CVE-2023-28442 (GeoNode is an open source platform that facilitates the creation, shar ...)
@@ -1357,12 +1379,12 @@ CVE-2023-28439 (CKEditor4 is an open source what-you-see-is-what-you-get HTML ed
TODO: check
CVE-2023-28438 (Pimcore is an open source data and experience management platform. Pri ...)
NOT-FOR-US: Pimcore
-CVE-2023-28437
- RESERVED
+CVE-2023-28437 (Dataease is an open source data visualization and analysis tool. The b ...)
+ TODO: check
CVE-2023-28436 (Tailscale is software for using Wireguard and multi-factor authenticat ...)
NOT-FOR-US: Tailscale
-CVE-2023-28435
- RESERVED
+CVE-2023-28435 (Dataease is an open source data visualization and analysis tool. The p ...)
+ TODO: check
CVE-2023-28434 (Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023 ...)
- minio <itp> (bug #859207)
CVE-2023-28433 (Minio is a Multi-Cloud Object Storage framework. All users on Windows ...)
@@ -2355,8 +2377,8 @@ CVE-2023-28152 (An issue was discovered in Independentsoft JWord before 1.1.110.
NOT-FOR-US: Independentsoft JWord
CVE-2023-28151 (An issue was discovered in Independentsoft JSpreadsheet before 1.1.110 ...)
NOT-FOR-US: Independentsoft JSpreadsheet
-CVE-2023-28150
- RESERVED
+CVE-2023-28150 (An issue was discovered in Independentsoft JODF before 1.1.110. The AP ...)
+ TODO: check
CVE-2023-28149
RESERVED
CVE-2023-28148
@@ -4065,8 +4087,8 @@ CVE-2023-27581 (github-slug-action is a GitHub Action to expose slug value of Gi
NOT-FOR-US: github-slug-action
CVE-2023-27580 (CodeIgniter Shield provides authentication and authorization for the C ...)
NOT-FOR-US: CodeIgniter
-CVE-2023-27579
- RESERVED
+CVE-2023-27579 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+ TODO: check
CVE-2023-27578 (Galaxy is an open-source platform for data analysis. All supported ver ...)
NOT-FOR-US: Galaxy
CVE-2023-27577 (flarum is a forum software package for building communities. In versio ...)
@@ -5541,8 +5563,8 @@ CVE-2023-27057
RESERVED
CVE-2023-27056
RESERVED
-CVE-2023-27055
- RESERVED
+CVE-2023-27055 (Aver Information Inc PTZApp2 v20.01044.48 allows attackers to access s ...)
+ TODO: check
CVE-2023-27054 (A cross-site scripting (XSS) vulnerability in MiroTalk P2P before comm ...)
NOT-FOR-US: MiroTalk
CVE-2023-27053
@@ -5567,8 +5589,8 @@ CVE-2023-27044
RESERVED
CVE-2023-27043
RESERVED
-CVE-2023-27042
- RESERVED
+CVE-2023-27042 (Tenda AX3 V16.03.12.11 is vulnerable to Buffer Overflow via /goform/Se ...)
+ TODO: check
CVE-2023-27041 (School Registration and Fee System v1.0 was discovered to contain a SQ ...)
NOT-FOR-US: School Registration and Fee System
CVE-2023-27040 (Simple Image Gallery v1.0 was discovered to contain a remote code exec ...)
@@ -5923,8 +5945,8 @@ CVE-2023-26866
RESERVED
CVE-2023-26865
RESERVED
-CVE-2023-26864
- RESERVED
+CVE-2023-26864 (SQL injection vulnerability found in PrestaShop smplredirectionsmanage ...)
+ TODO: check
CVE-2023-26863
RESERVED
CVE-2023-26862
@@ -8735,8 +8757,8 @@ CVE-2023-25803 (Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache,
NOT-FOR-US: Roxy-WI
CVE-2023-25802 (Roxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Ke ...)
NOT-FOR-US: Roxy-WI
-CVE-2023-25801
- RESERVED
+CVE-2023-25801 (TensorFlow is an open source machine learning platform. Prior to versi ...)
+ TODO: check
CVE-2023-25800
RESERVED
CVE-2023-25799
@@ -9382,44 +9404,44 @@ CVE-2023-0773
RESERVED
CVE-2023-0772 (The Popup Builder by OptinMonster WordPress plugin before 2.12.2 does ...)
NOT-FOR-US: WordPress plugin
-CVE-2023-25676
- RESERVED
-CVE-2023-25675
- RESERVED
-CVE-2023-25674
- RESERVED
-CVE-2023-25673
- RESERVED
-CVE-2023-25672
- RESERVED
-CVE-2023-25671
- RESERVED
-CVE-2023-25670
- RESERVED
-CVE-2023-25669
- RESERVED
-CVE-2023-25668
- RESERVED
-CVE-2023-25667
- RESERVED
-CVE-2023-25666
- RESERVED
-CVE-2023-25665
- RESERVED
-CVE-2023-25664
- RESERVED
-CVE-2023-25663
- RESERVED
-CVE-2023-25662
- RESERVED
+CVE-2023-25676 (TensorFlow is an open source machine learning platform. When running v ...)
+ TODO: check
+CVE-2023-25675 (TensorFlow is an open source machine learning platform. When running v ...)
+ TODO: check
+CVE-2023-25674 (TensorFlow is an open source machine learning platform. Versions prior ...)
+ TODO: check
+CVE-2023-25673 (TensorFlow is an open source platform for machine learning. Versions p ...)
+ TODO: check
+CVE-2023-25672 (TensorFlow is an open source platform for machine learning. The functi ...)
+ TODO: check
+CVE-2023-25671 (TensorFlow is an open source platform for machine learning. There is o ...)
+ TODO: check
+CVE-2023-25670 (TensorFlow is an open source platform for machine learning. Versions p ...)
+ TODO: check
+CVE-2023-25669 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25668 (TensorFlow is an open source platform for machine learning. Attackers ...)
+ TODO: check
+CVE-2023-25667 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25666 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25665 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25664 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25663 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25662 (TensorFlow is an open source platform for machine learning. Versions p ...)
+ TODO: check
CVE-2023-25661
RESERVED
-CVE-2023-25660
- RESERVED
-CVE-2023-25659
- RESERVED
-CVE-2023-25658
- RESERVED
+CVE-2023-25660 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25659 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
+CVE-2023-25658 (TensorFlow is an open source platform for machine learning. Prior to v ...)
+ TODO: check
CVE-2023-25657 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
NOT-FOR-US: Nautobot
CVE-2023-25656 (notation-go is a collection of libraries for supporting Notation sign, ...)
@@ -10308,8 +10330,8 @@ CVE-2023-25352
RESERVED
CVE-2023-25351
RESERVED
-CVE-2023-25350
- RESERVED
+CVE-2023-25350 (Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. When the use ...)
+ TODO: check
CVE-2023-25349
RESERVED
CVE-2023-25348
@@ -16429,8 +16451,8 @@ CVE-2023-23151 (bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file
NOT-FOR-US: bloofoxCMS
CVE-2023-23150 (SA-WR915ND router firmware v17.35.1 was discovered to be vulnerable to ...)
NOT-FOR-US: SA-WR915ND
-CVE-2023-23149
- RESERVED
+CVE-2023-23149 (DEK-1705 <=Firmware:34.23.1 device was discovered to have a command ...)
+ TODO: check
CVE-2023-23148
RESERVED
CVE-2023-23147
@@ -17697,8 +17719,8 @@ CVE-2023-22814
RESERVED
CVE-2023-22813
RESERVED
-CVE-2023-22812
- RESERVED
+CVE-2023-22812 (SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 ...)
+ TODO: check
CVE-2023-22811
RESERVED
CVE-2023-22810
@@ -28374,8 +28396,8 @@ CVE-2022-45599 (Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulner
NOT-FOR-US: Aztech WMB250AC Mesh Routers Firmware
CVE-2022-45598 (Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.1 ...)
NOT-FOR-US: Joplin Desktop App
-CVE-2022-45597
- RESERVED
+CVE-2022-45597 (ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. ...)
+ TODO: check
CVE-2022-45596
RESERVED
CVE-2022-45595
@@ -31801,277 +31823,263 @@ CVE-2023-21081
RESERVED
CVE-2023-21080
RESERVED
-CVE-2023-21079
- RESERVED
-CVE-2023-21078
- RESERVED
-CVE-2023-21077
- RESERVED
-CVE-2023-21076
- RESERVED
-CVE-2023-21075
- RESERVED
+CVE-2023-21079 (In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21078 (In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21077 (In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21076 (In createTransmitFollowupRequest of nan.cpp, there is a possible out o ...)
+ TODO: check
+CVE-2023-21075 (In get_svc_hash of nan.cpp, there is a possible out of bounds write du ...)
+ TODO: check
CVE-2023-21074
RESERVED
-CVE-2023-21073
- RESERVED
-CVE-2023-21072
- RESERVED
-CVE-2023-21071
- RESERVED
-CVE-2023-21070
- RESERVED
-CVE-2023-21069
- RESERVED
-CVE-2023-21068
- RESERVED
-CVE-2023-21067
- RESERVED
+CVE-2023-21073 (In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21072 (In rtt_unpack_xtlv_cbfn of dhd_rtt.c, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21071 (In dhd_prot_ioctcmplt_process of dhd_msgbuf.c, there is a possible out ...)
+ TODO: check
+CVE-2023-21070 (In add_roam_cache_list of wl_roam.c, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21069 (In wl_update_hidden_ap_ie of wl_cfgscan.c, there is a possible out of ...)
+ TODO: check
+CVE-2023-21068 (In (TBD) of (TBD), there is a possible way to boot with a hidden debug ...)
+ TODO: check
+CVE-2023-21067 (Product: AndroidVersions: Android kernelAndroid ID: A-254114726Referen ...)
+ TODO: check
CVE-2023-21066
RESERVED
-CVE-2023-21065
- RESERVED
-CVE-2023-21064
- RESERVED
-CVE-2023-21063
- RESERVED
-CVE-2023-21062
- RESERVED
-CVE-2023-21061
- RESERVED
-CVE-2023-21060
- RESERVED
-CVE-2023-21059
- RESERVED
-CVE-2023-21058
- RESERVED
-CVE-2023-21057
- RESERVED
-CVE-2023-21056
- RESERVED
-CVE-2023-21055
- RESERVED
-CVE-2023-21054
- RESERVED
-CVE-2023-21053
- RESERVED
-CVE-2023-21052
- RESERVED
-CVE-2023-21051
- RESERVED
-CVE-2023-21050
- RESERVED
-CVE-2023-21049
- RESERVED
-CVE-2023-21048
- RESERVED
-CVE-2023-21047
- RESERVED
-CVE-2023-21046
- RESERVED
-CVE-2023-21045
- RESERVED
-CVE-2023-21044
- RESERVED
-CVE-2023-21043
- RESERVED
-CVE-2023-21042
- RESERVED
-CVE-2023-21041
- RESERVED
-CVE-2023-21040
- RESERVED
-CVE-2023-21039
- RESERVED
-CVE-2023-21038
- RESERVED
+CVE-2023-21065 (In fdt_next_tag of fdt.c, there is a possible out of bounds write due ...)
+ TODO: check
+CVE-2023-21064 (In DoSetPinControl of miscservice.cpp, there is a possible out of boun ...)
+ TODO: check
+CVE-2023-21063 (In ParseWithAuthType of simdata.cpp, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21062 (In DoSetTempEcc of imsservice.cpp, there is a possible out of bounds r ...)
+ TODO: check
+CVE-2023-21061 (Product: AndroidVersions: Android kernelAndroid ID: A-229255400Referen ...)
+ TODO: check
+CVE-2023-21060 (In sms_GetTpPiIe of sms_PduCodec.c, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21059 (In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, ...)
+ TODO: check
+CVE-2023-21058 (In lcsm_SendRrAcquiAssist of lcsm_bcm_assist.c, there is a possible ou ...)
+ TODO: check
+CVE-2023-21057 (In ProfSixDecomTcpSACKoption of RohcPacketCommon, there is a possible ...)
+ TODO: check
+CVE-2023-21056 (In lwis_slc_buffer_free of lwis_device_slc.c, there is a possible memo ...)
+ TODO: check
+CVE-2023-21055 (In dit_hal_ioctl of dit.c, there is a possible use after free due to a ...)
+ TODO: check
+CVE-2023-21054 (In EUTRAN_LCS_ConvertLCS_MOLRReq of LPP_CommonUtil.c, there is a possi ...)
+ TODO: check
+CVE-2023-21053 (In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible o ...)
+ TODO: check
+CVE-2023-21052 (In setToExternal of ril_external_client.cpp, there is a possible out o ...)
+ TODO: check
+CVE-2023-21051 (In dwc3_exynos_clk_get of dwc3-exynos.c, there is a possible out of bo ...)
+ TODO: check
+CVE-2023-21050 (In load_png_image of ExynosHWCHelper.cpp, there is a possible out of b ...)
+ TODO: check
+CVE-2023-21049 (In append_camera_metadata of camera_metadata.c, there is a possible ou ...)
+ TODO: check
+CVE-2023-21048 (In handleEvent of nan.cpp, there is a possible out of bounds read due ...)
+ TODO: check
+CVE-2023-21047 (In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of b ...)
+ TODO: check
+CVE-2023-21046 (In ConvertToHalMetadata of aidl_utils.cc, there is a possible out of b ...)
+ TODO: check
+CVE-2023-21045 (When cpif handles probe failures, there is a possible out of bounds re ...)
+ TODO: check
+CVE-2023-21044 (In init of VendorGraphicBufferMeta, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21043 (In (TBD) of (TBD), there is a possible way to corrupt memory due to a ...)
+ TODO: check
+CVE-2023-21042 (In (TBD) of (TBD), there is a possible way to corrupt memory due to a ...)
+ TODO: check
+CVE-2023-21041 (In append_to_params of param_util.c, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21040 (In buildCommand of bluetooth_ccc.cc, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21039 (In dumpstateBoard of Dumpstate.cpp, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21038 (In cs40l2x_cp_trigger_queue_show of cs40l2x.c, there is a possible out ...)
+ TODO: check
CVE-2023-21037
RESERVED
-CVE-2023-21036
- RESERVED
-CVE-2023-21035
- RESERVED
-CVE-2023-21034
- RESERVED
-CVE-2023-21033
- RESERVED
-CVE-2023-21032
- RESERVED
-CVE-2023-21031
- RESERVED
-CVE-2023-21030
- RESERVED
-CVE-2023-21029
- RESERVED
-CVE-2023-21028
- RESERVED
-CVE-2023-21027
- RESERVED
-CVE-2023-21026
- RESERVED
-CVE-2023-21025
- RESERVED
-CVE-2023-21024
- RESERVED
+CVE-2023-21036 (In BitmapExport.java, there is a possible failure to truncate images d ...)
+ TODO: check
+CVE-2023-21035 (In multiple functions of BackupHelper.java, there is a possible way fo ...)
+ TODO: check
+CVE-2023-21034 (In multiple functions of SensorService.cpp, there is a possible access ...)
+ TODO: check
+CVE-2023-21033 (In addNetwork of WifiManager.java, there is a possible way to trigger ...)
+ TODO: check
+CVE-2023-21032 (In _ufdt_output_node_to_fdt of ufdt_convert.c, there is a possible out ...)
+ TODO: check
+CVE-2023-21031 (In Display::setPowerMode of HWC2.cpp, there is a possible out of bound ...)
+ TODO: check
+CVE-2023-21030 (In Confirmation of keystore_cli_v2.cpp, there is a possible way to cor ...)
+ TODO: check
+CVE-2023-21029 (In register of UidObserverController.java, there is a missing permissi ...)
+ TODO: check
+CVE-2023-21028 (In parse_printerAttributes of ipphelper.c, there is a possible out of ...)
+ TODO: check
+CVE-2023-21027 (In serializePasspointConfiguration of PasspointXmlUtils.java, there is ...)
+ TODO: check
+CVE-2023-21026 (In updateInputChannel of WindowManagerService.java, there is a possibl ...)
+ TODO: check
+CVE-2023-21025 (In ufdt_local_fixup_prop of ufdt_overlay.c, there is a possible out of ...)
+ TODO: check
+CVE-2023-21024 (In maybeFinish of FallbackHome.java, there is a possible delay of lock ...)
+ TODO: check
CVE-2023-21023
RESERVED
-CVE-2023-21022
- RESERVED
-CVE-2023-21021
- RESERVED
-CVE-2023-21020
- RESERVED
-CVE-2023-21019
- RESERVED
-CVE-2023-21018
- RESERVED
-CVE-2023-21017
- RESERVED
-CVE-2023-21016
- RESERVED
-CVE-2023-21015
- RESERVED
-CVE-2023-21014
- RESERVED
-CVE-2023-21013
- RESERVED
-CVE-2023-21012
- RESERVED
-CVE-2023-21011
- RESERVED
-CVE-2023-21010
- RESERVED
-CVE-2023-21009
- RESERVED
-CVE-2023-21008
- RESERVED
-CVE-2023-21007
- RESERVED
-CVE-2023-21006
- RESERVED
-CVE-2023-21005
- RESERVED
-CVE-2023-21004
- RESERVED
-CVE-2023-21003
- RESERVED
-CVE-2023-21002
- RESERVED
-CVE-2023-21001
- RESERVED
-CVE-2023-21000
- RESERVED
-CVE-2023-20999
- RESERVED
-CVE-2023-20998
- RESERVED
-CVE-2023-20997
- RESERVED
-CVE-2023-20996
- RESERVED
-CVE-2023-20995
- RESERVED
-CVE-2023-20994
- RESERVED
-CVE-2023-20993
- RESERVED
-CVE-2023-20992
- RESERVED
-CVE-2023-20991
- RESERVED
-CVE-2023-20990
- RESERVED
-CVE-2023-20989
- RESERVED
-CVE-2023-20988
- RESERVED
-CVE-2023-20987
- RESERVED
-CVE-2023-20986
- RESERVED
-CVE-2023-20985
- RESERVED
-CVE-2023-20984
- RESERVED
-CVE-2023-20983
- RESERVED
-CVE-2023-20982
- RESERVED
-CVE-2023-20981
- RESERVED
-CVE-2023-20980
- RESERVED
-CVE-2023-20979
- RESERVED
+CVE-2023-21022 (In BufferBlock of Suballocation.cpp, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21021 (In isTargetSdkLessThanQOrPrivileged of WifiServiceImpl.java, there is ...)
+ TODO: check
+CVE-2023-21020 (In registerSignalHandlers of main.c, there is a possible local arbitra ...)
+ TODO: check
+CVE-2023-21019 (In ih264e_init_proc_ctxt of ih264e_process.c, there is a possible out ...)
+ TODO: check
+CVE-2023-21018 (In UnwindingWorker of unwinding.cc, there is a possible out of bounds ...)
+ TODO: check
+CVE-2023-21017 (In InstallStart of InstallStart.java, there is a possible way to chang ...)
+ TODO: check
+CVE-2023-21016 (In AccountTypePreference of AccountTypePreference.java, there is a pos ...)
+ TODO: check
+CVE-2023-21015 (In getAvailabilityStatus of several Transcode Permission Controllers, ...)
+ TODO: check
+CVE-2023-21014 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21013 (In forceStaDisconnection of hostapd.cpp, there is a possible out of bo ...)
+ TODO: check
+CVE-2023-21012 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21011 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21010 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21009 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21008 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21007 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21006 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-21005 (In getAvailabilityStatus of several Transcode Permission Controllers, ...)
+ TODO: check
+CVE-2023-21004 (In getAvailabilityStatus of several Transcode Permission Controllers, ...)
+ TODO: check
+CVE-2023-21003 (In getAvailabilityStatus of several Transcode Permission Controllers, ...)
+ TODO: check
+CVE-2023-21002 (In getAvailabilityStatus of several Transcode Permission Controllers, ...)
+ TODO: check
+CVE-2023-21001 (In onContextItemSelected of NetworkProviderSettings.java, there is a p ...)
+ TODO: check
+CVE-2023-21000 (In MediaCodec.cpp, there is a possible use after free due to improper ...)
+ TODO: check
+CVE-2023-20999 (In multiple locations, there is a possible way to trigger a persistent ...)
+ TODO: check
+CVE-2023-20998 (In multiple locations, there is a possible way to trigger a persistent ...)
+ TODO: check
+CVE-2023-20997 (In multiple locations, there is a possible way to trigger a persistent ...)
+ TODO: check
+CVE-2023-20996 (In multiple locations, there is a possible way to trigger a persistent ...)
+ TODO: check
+CVE-2023-20995 (In captureImage of CustomizedSensor.cpp, there is a possible way to by ...)
+ TODO: check
+CVE-2023-20994 (In _ufdt_output_property_to_fdt of ufdt_convert.c, there is a possible ...)
+ TODO: check
+CVE-2023-20993 (In multiple functions of SnoozeHelper.java, there is a possible failur ...)
+ TODO: check
+CVE-2023-20992 (In on_iso_link_quality_read of btm_iso_impl.h, there is a possible out ...)
+ TODO: check
+CVE-2023-20991 (In btm_ble_process_periodic_adv_sync_lost_evt of ble_scanner_hci_inter ...)
+ TODO: check
+CVE-2023-20990 (In btm_read_local_oob_complete of btm_sec.cc, there is a possible out ...)
+ TODO: check
+CVE-2023-20989 (In btm_ble_write_adv_enable_complete of btm_ble_gap.cc, there is a pos ...)
+ TODO: check
+CVE-2023-20988 (In btm_read_rssi_complete of btm_acl.cc, there is a possible out of bo ...)
+ TODO: check
+CVE-2023-20987 (In btm_read_link_quality_complete of btm_acl.cc, there is a possible o ...)
+ TODO: check
+CVE-2023-20986 (In btm_ble_clear_resolving_list_complete of btm_ble_privacy.cc, there ...)
+ TODO: check
+CVE-2023-20985 (In BTA_GATTS_HandleValueIndication of bta_gatts_api.cc, there is a pos ...)
+ TODO: check
+CVE-2023-20984 (In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of b ...)
+ TODO: check
+CVE-2023-20983 (In btm_ble_rand_enc_complete of btm_sec.cc, there is a possible out of ...)
+ TODO: check
+CVE-2023-20982 (In btm_read_tx_power_complete of btm_acl.cc, there is a possible out o ...)
+ TODO: check
+CVE-2023-20981 (In btu_ble_rc_param_req_evt of btu_hcif.cc, there is a possible out of ...)
+ TODO: check
+CVE-2023-20980 (In btu_ble_ll_conn_param_upd_evt of btu_hcif.cc, there is a possible o ...)
+ TODO: check
+CVE-2023-20979 (In BtaAvCo::GetNextSourceDataPacket of bta_av_co.cc, there is a possib ...)
+ TODO: check
CVE-2023-20978
RESERVED
-CVE-2023-20977
- RESERVED
-CVE-2023-20976
- RESERVED
-CVE-2023-20975
- RESERVED
-CVE-2023-20974
- RESERVED
-CVE-2023-20973
- RESERVED
-CVE-2023-20972
- RESERVED
-CVE-2023-20971
- RESERVED
-CVE-2023-20970
- RESERVED
-CVE-2023-20969
- RESERVED
-CVE-2023-20968
- RESERVED
+CVE-2023-20977 (In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a ...)
+ TODO: check
+CVE-2023-20976 (In getConfirmationMessage of DefaultAutofillPicker.java, there is a po ...)
+ TODO: check
+CVE-2023-20975 (In getAvailabilityStatus of EnableContentCapturePreferenceController.j ...)
+ TODO: check
+CVE-2023-20974 (In btm_ble_add_resolving_list_entry_complete of btm_ble_privacy.cc, th ...)
+ TODO: check
+CVE-2023-20973 (In btm_create_conn_cancel_complete of btm_sec.cc, there is a possible ...)
+ TODO: check
+CVE-2023-20972 (In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out o ...)
+ TODO: check
+CVE-2023-20971 (In updatePermissionTreeSourcePackage of PermissionManagerServiceImpl.j ...)
+ TODO: check
+CVE-2023-20970 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-20969 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2023-20968 (In multiple locations of p2p_iface.cpp, there is a possible out of bou ...)
+ TODO: check
CVE-2023-20967
RESERVED
-CVE-2023-20966
- RESERVED
+CVE-2023-20966 (In inflate of inflate.c, there is a possible out of bounds write due t ...)
NOT-FOR-US: Android
CVE-2023-20965
RESERVED
-CVE-2023-20964
- RESERVED
+CVE-2023-20964 (In multiple functions of MediaSessionRecord.java, there is a possible ...)
NOT-FOR-US: Android
-CVE-2023-20963
- RESERVED
+CVE-2023-20963 (In WorkSource, there is a possible parcel mismatch. This could lead to ...)
NOT-FOR-US: Android
-CVE-2023-20962
- RESERVED
+CVE-2023-20962 (In getSliceEndItem of MediaVolumePreferenceController.java, there is a ...)
NOT-FOR-US: Android
CVE-2023-20961
RESERVED
-CVE-2023-20960
- RESERVED
+CVE-2023-20960 (In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there ...)
NOT-FOR-US: Android
-CVE-2023-20959
- RESERVED
+CVE-2023-20959 (In AddSupervisedUserActivity, guest users are not prevented from start ...)
NOT-FOR-US: Android
-CVE-2023-20958
- RESERVED
+CVE-2023-20958 (In read_paint of ttcolr.c, there is a possible out of bounds read due ...)
NOT-FOR-US: Android
-CVE-2023-20957
- RESERVED
+CVE-2023-20957 (In onAttach of SettingsPreferenceFragment.java, there is a possible by ...)
NOT-FOR-US: Android
-CVE-2023-20956
- RESERVED
+CVE-2023-20956 (In Import of C2SurfaceSyncObj.cpp, there is a possible out of bounds w ...)
NOT-FOR-US: Android
-CVE-2023-20955
- RESERVED
+CVE-2023-20955 (In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a p ...)
NOT-FOR-US: Android
-CVE-2023-20954
- RESERVED
+CVE-2023-20954 (In SDP_AddAttribute of sdp_db.cc, there is a possible out of bounds wr ...)
NOT-FOR-US: Android
-CVE-2023-20953
- RESERVED
+CVE-2023-20953 (In onPrimaryClipChanged of ClipboardListener.java, there is a possible ...)
NOT-FOR-US: Android
-CVE-2023-20952
- RESERVED
+CVE-2023-20952 (In A2DP_BuildCodecHeaderSbc of a2dp_sbc.cc, there is a possible out of ...)
NOT-FOR-US: Android
-CVE-2023-20951
- RESERVED
+CVE-2023-20951 (In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible out ...)
NOT-FOR-US: Android
CVE-2023-20950
RESERVED
@@ -32079,8 +32087,7 @@ CVE-2023-20949 (In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possibl
NOT-FOR-US: Linux kernel of the Pixel phone
CVE-2023-20948 (In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out ...)
NOT-FOR-US: Android
-CVE-2023-20947
- RESERVED
+CVE-2023-20947 (In getGroupState of GrantPermissionsViewModel.kt, there is a possible ...)
NOT-FOR-US: Android
CVE-2023-20946 (In onStart of BluetoothSwitchPreferenceController.java, there is a pos ...)
NOT-FOR-US: Android
@@ -32106,8 +32113,7 @@ CVE-2023-20938 (In binder_transaction_buffer_release of binder.c, there is a pos
CVE-2023-20937 (In several functions of the Android Linux kernel, there is a possible ...)
- linux <not-affected> (Android-specific)
NOTE: https://source.android.com/docs/security/bulletin/2023-02-01
-CVE-2023-20936
- RESERVED
+CVE-2023-20936 (In bta_av_rc_disc_done of bta_av_act.cc, there is a possible out of bo ...)
NOT-FOR-US: Android
CVE-2023-20935
RESERVED
@@ -32117,13 +32123,11 @@ CVE-2023-20933 (In several functions of MediaCodec.cpp, there is a possible way
NOT-FOR-US: Android media framework
CVE-2023-20932 (In onCreatePreferences of EditInfoFragment.java, there is a possible w ...)
NOT-FOR-US: Android
-CVE-2023-20931
- RESERVED
+CVE-2023-20931 (In avdt_scb_hdl_write_req of avdt_scb_act.cc, there is a possible out ...)
NOT-FOR-US: Android
CVE-2023-20930
RESERVED
-CVE-2023-20929
- RESERVED
+CVE-2023-20929 (In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a ...)
NOT-FOR-US: Android
CVE-2023-20928 (In binder_vma_close of binder.c, there is a possible use after free du ...)
- linux 5.19.6-1
@@ -32134,8 +32138,7 @@ CVE-2023-20928 (In binder_vma_close of binder.c, there is a possible use after f
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2374
CVE-2023-20927 (In permissions of AndroidManifest.xml, there is a possible way to gran ...)
NOT-FOR-US: Android
-CVE-2023-20926
- RESERVED
+CVE-2023-20926 (In onParentVisible of HeaderPrivacyIconsController.kt, there is a poss ...)
NOT-FOR-US: Android
CVE-2023-20925 (In setUclampMinLocked of PowerSessionManager.cpp, there is a possible ...)
NOT-FOR-US: Android
@@ -32154,8 +32157,7 @@ CVE-2023-20919 (In getStringsForPrefix of Settings.java, there is a possible pre
CVE-2023-20918
RESERVED
NOT-FOR-US: Android
-CVE-2023-20917
- RESERVED
+CVE-2023-20917 (In onTargetSelected of ResolverActivity.java, there is a possible way ...)
NOT-FOR-US: Android
CVE-2023-20916 (In getMainActivityLaunchIntent of LauncherAppsService.java, there is a ...)
NOT-FOR-US: Android
@@ -32167,11 +32169,9 @@ CVE-2023-20913 (In onCreate of PhoneAccountSettingsActivity.java and related fil
NOT-FOR-US: Android
CVE-2023-20912 (In onActivityResult of AvatarPickerActivity.java, there is a possible ...)
NOT-FOR-US: Android
-CVE-2023-20911
- RESERVED
+CVE-2023-20911 (In addPermission of PermissionManagerServiceImpl.java , there is a pos ...)
NOT-FOR-US: Android
-CVE-2023-20910
- RESERVED
+CVE-2023-20910 (In addNetworkSuggestions of WifiManager.java, there is a possible way ...)
NOT-FOR-US: Android
CVE-2023-20909
RESERVED
@@ -32179,8 +32179,7 @@ CVE-2023-20908 (In several functions of SettingsState.java, there is a possible
NOT-FOR-US: Android
CVE-2023-20907
RESERVED
-CVE-2023-20906
- RESERVED
+CVE-2023-20906 (In onPackageAddedInternal of PermissionManagerService.java, there is a ...)
NOT-FOR-US: Android
CVE-2023-20905 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out ...)
NOT-FOR-US: Android
@@ -39963,8 +39962,8 @@ CVE-2022-42530 (In Pixel firmware, there is a possible out of bounds read due to
NOT-FOR-US: Android
CVE-2022-42529 (Product: AndroidVersions: Android kernelAndroid ID: A-235292841Referen ...)
NOT-FOR-US: Android
-CVE-2022-42528
- RESERVED
+CVE-2022-42528 (In ffa_mrd_prot of shared_mem.c, there is a possible ID due to a logic ...)
+ TODO: check
CVE-2022-42527 (In cd_SsParseMsg of cd_SsCodec.c, there is a possible crash due to a m ...)
NOT-FOR-US: Android
CVE-2022-42526 (In ConvertUtf8ToUcs2 of radio_hal_utils.cpp, there is a possible out o ...)
@@ -40019,12 +40018,12 @@ CVE-2022-42502 (In FacilityLock::Parse of simdata.cpp, there is a possible out o
NOT-FOR-US: Android
CVE-2022-42501 (In HexString2Value of util.cpp, there is a possible out of bounds writ ...)
NOT-FOR-US: Android
-CVE-2022-42500
- RESERVED
-CVE-2022-42499
- RESERVED
-CVE-2022-42498
- RESERVED
+CVE-2022-42500 (In OEM_OnRequest of sced.cpp, there is a possible shell command execut ...)
+ TODO: check
+CVE-2022-42499 (In sms_SendMmCpErrMsg of sms_MmConManagement.c, there is a possible ou ...)
+ TODO: check
+CVE-2022-42498 (In Pixel cellular firmware, there is a possible out of bounds write du ...)
+ TODO: check
CVE-2022-3433 (The aeson library is not safe to use to consume untrusted JSON input. ...)
- haskell-aeson 2.0.3.0-1 (bug #1009678)
[bullseye] - haskell-aeson <no-dsa> (Minor issue)
@@ -43786,8 +43785,8 @@ CVE-2022-41137
RESERVED
CVE-2022-40704 (A XSS vulnerability was found in phoromatic_r_add_test_details.php in ...)
- phoronix-test-suite <removed>
-CVE-2022-40208
- RESERVED
+CVE-2022-40208 (In Moodle, insufficient limitations in some quiz web services made it ...)
+ TODO: check
CVE-2022-38066 (An OS command injection vulnerability exists in the httpd SNMP functio ...)
NOT-FOR-US: Siretta
CVE-2022-3253
@@ -91809,7 +91808,7 @@ CVE-2022-24198 (** DISPUTED ** iText v7.1.17 was discovered to contain an out-of
NOT-FOR-US: iText
CVE-2022-24197 (iText v7.1.17 was discovered to contain a stack-based buffer overflow ...)
NOT-FOR-US: iText
-CVE-2022-24196 (iText v7.1.17 was discovered to contain an out-of-memory error via the ...)
+CVE-2022-24196 (iText v7.1.17, up to (exluding)": 7.1.18 and 7.2.2 was discovered to c ...)
NOT-FOR-US: iText
CVE-2022-24195
RESERVED
@@ -109598,20 +109597,20 @@ CVE-2021-43319 (Zoho ManageEngine Network Configuration Manager before 125488 is
NOT-FOR-US: Zoho ManageEngine
CVE-2021-43318
RESERVED
-CVE-2021-43317
- RESERVED
-CVE-2021-43316
- RESERVED
-CVE-2021-43315
- RESERVED
-CVE-2021-43314
- RESERVED
-CVE-2021-43313
- RESERVED
-CVE-2021-43312
- RESERVED
-CVE-2021-43311
- RESERVED
+CVE-2021-43317 (A heap-based buffer overflows was discovered in upx, during the generi ...)
+ TODO: check
+CVE-2021-43316 (A heap-based buffer overflow was discovered in upx, during the generic ...)
+ TODO: check
+CVE-2021-43315 (A heap-based buffer overflows was discovered in upx, during the generi ...)
+ TODO: check
+CVE-2021-43314 (A heap-based buffer overflows was discovered in upx, during the generi ...)
+ TODO: check
+CVE-2021-43313 (A heap-based buffer overflow was discovered in upx, during the variabl ...)
+ TODO: check
+CVE-2021-43312 (A heap-based buffer overflow was discovered in upx, during the variabl ...)
+ TODO: check
+CVE-2021-43311 (A heap-based buffer overflow was discovered in upx, during the generic ...)
+ TODO: check
CVE-2021-43310 (A vulnerability in Keylime before 6.3.0 allows an attacker to craft a ...)
NOT-FOR-US: Keylime
CVE-2021-43309 (An exponential ReDoS (Regular Expression Denial of Service) can be tri ...)
@@ -111141,7 +111140,7 @@ CVE-2021-43115
CVE-2021-43114 (FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publis ...)
{DSA-5033-1}
- fort-validator 1.5.2-1
-CVE-2021-43113 (iTextPDF in iText 7 and up to 7.1.17 allows command injection via a Co ...)
+CVE-2021-43113 (iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows comma ...)
{DSA-5323-1 DLA-3273-1}
- libitext5-java 5.5.13.3-1 (bug #1014597)
NOTE: https://github.com/itext/itextpdf/commit/ce8bbacd631e13717a91f02e9cbd9814b9dc2cca (5.5.13.3)
@@ -112834,8 +112833,8 @@ CVE-2022-20544 (In onOptionsItemSelected of ManageApplications.java, there is a
NOT-FOR-US: Android
CVE-2022-20543 (In multiple locations, there is a possible display crash loop due to i ...)
NOT-FOR-US: Android
-CVE-2022-20542
- RESERVED
+CVE-2022-20542 (In parseParamsBlob of types.cpp, there is a possible out of bounds wri ...)
+ TODO: check
CVE-2022-20541 (In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bou ...)
NOT-FOR-US: Android
CVE-2022-20540 (In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arb ...)
@@ -112854,8 +112853,8 @@ CVE-2022-20534
RESERVED
CVE-2022-20533 (In getSlice of WifiSlice.java, there is a possible way to connect a ne ...)
NOT-FOR-US: Android
-CVE-2022-20532
- RESERVED
+CVE-2022-20532 (In parseTrackFragmentRun() of MPEG4Extractor.cpp, there is a possible ...)
+ TODO: check
CVE-2022-20531
REJECTED
CVE-2022-20530 (In strings.xml, there is a possible permission bypass due to a mislead ...)
@@ -112920,8 +112919,7 @@ CVE-2022-20501 (In onCreate of EnableAccountPreferenceActivity.java, there is a
NOT-FOR-US: Android
CVE-2022-20500 (In loadFromXml of ShortcutPackage.java, there is a possible crash on b ...)
NOT-FOR-US: Android
-CVE-2022-20499
- RESERVED
+CVE-2022-20499 (In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught e ...)
NOT-FOR-US: Android
CVE-2022-20498 (In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bou ...)
NOT-FOR-US: Android
@@ -112985,8 +112983,7 @@ CVE-2022-20469 (In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible ou
NOT-FOR-US: Android
CVE-2022-20468 (In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds ...)
NOT-FOR-US: Android
-CVE-2022-20467
- RESERVED
+CVE-2022-20467 (In isBluetoothShareUri of BluetoothOppUtility.java, there is a possibl ...)
NOT-FOR-US: Android
CVE-2022-20466 (In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, t ...)
NOT-FOR-US: Android
@@ -125259,8 +125256,7 @@ CVE-2021-3686
RESERVED
CVE-2021-3685
RESERVED
-CVE-2021-3684
- RESERVED
+CVE-2021-3684 (A vulnerability was found in OpenShift Assisted Installer. During gene ...)
NOT-FOR-US: OpenShift
CVE-2021-3683 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
NOT-FOR-US: ShowDoc
@@ -126073,8 +126069,8 @@ CVE-2021-37840 (aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking (CS
NOT-FOR-US: aaPanel
CVE-2021-37839 (Apache Superset up to 1.5.1 allowed for authenticated users to access ...)
NOT-FOR-US: Apache Superset
-CVE-2021-3674
- RESERVED
+CVE-2021-3674 (A flaw was found in rizin. The create_section_from_phdr function alloc ...)
+ TODO: check
CVE-2021-3673 (A vulnerability was found in Radare2 in version 5.3.1. Improper input ...)
- radare2 5.5.0+dfsg-1
NOTE: https://github.com/radareorg/radare2/issues/18923
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81244eb16336df7a869339a7ff98fdb494f5dfcc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81244eb16336df7a869339a7ff98fdb494f5dfcc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230325/34a187de/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list