[Git][security-tracker-team/security-tracker][master] 2 commits: Add note for CVE-2023-28686/dino-im.
Chris Lamb (@lamby)
lamby at debian.org
Mon Mar 27 17:51:16 BST 2023
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
55519123 by Chris Lamb at 2023-03-27T17:49:52+01:00
Add note for CVE-2023-28686/dino-im.
- - - - -
a0938fb2 by Chris Lamb at 2023-03-27T17:50:42+01:00
Triage CVE-2023-28686 in dino-im for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -659,10 +659,12 @@ CVE-2023-1544 (A flaw was found in the QEMU implementation of VMWare's paravirtu
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2023-03/msg00206.html
CVE-2023-28686 (Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows a ...)
- dino-im 0.4.2-1 (bug #1033370)
+ [buster] - dino-im <not-affected> (Vulnerable code added in v0.1.0)
NOTE: https://dino.im/security/cve-2023-28686/
NOTE: Fixed by: https://github.com/dino/dino/commit/ef8fb0e94ce79d5fde2943e433ad0422eb7f70ec
NOTE: Fixed by: https://github.com/dino/dino/commit/baf96d9d9fac7480fed777ac87d917f8dec8f0f6 (v0.4.2)
NOTE: Fixed by: https://github.com/dino/dino/commit/e02a443a4eaf02f0ab860b41d0bc7081d4110ab4 (v0.2.3)
+ NOTE: Bookmark supported added in https://github.com/dino/dino/commit/74c29d4df19f97b9b67bbc3c1a963a8729be69fd (v0.1.0)
CVE-2023-28685 (Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its ...)
NOT-FOR-US: Jenkins plugin
CVE-2023-28684 (Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not conf ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5a55272ef25f4207f4b89cad175f73167454548c...a0938fb250c6380b9991e94baf8b65a0c21d6519
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5a55272ef25f4207f4b89cad175f73167454548c...a0938fb250c6380b9991e94baf8b65a0c21d6519
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230327/d3069af7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list