[Git][security-tracker-team/security-tracker][master] add references for puppetserver issue (and drop initial Red Hat entry, which has little info)
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 5 08:36:34 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
767e1ac9 by Moritz Muehlenhoff at 2023-05-05T09:35:53+02:00
add references for puppetserver issue (and drop initial Red Hat entry, which has little info)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5434,10 +5434,12 @@ CVE-2023-1895
RESERVED
CVE-2023-1894
RESERVED
- - puppet <removed>
+ - puppet <not-affected> (Limit to Puppet Server 7)
- puppetserver <unfixed>
- NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2193088
- TODO: clarify details, claimed to be fixed in puppetserver 7.11.0 and 8.0.0 by RH information
+ NOTE: https://www.puppet.com/security/cve/cve-2023-1894-puppet-server-redos
+ NOTE: https://github.com/puppetlabs/puppetserver/pull/2700
+ NOTE: https://github.com/puppetlabs/puppetserver/commit/545998b71baf70e35dc60c287f2cb2fc11ef9be2 (7.11.0)
+ NOTE: https://github.com/puppetlabs/puppetserver/commit/9e0239c19bc852b98c1a63fb33998de7eae388dc (7.11.0)
CVE-2023-29399
RESERVED
CVE-2023-29398
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/767e1ac95995872e1a57be89d88f5af9e9fa984e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/767e1ac95995872e1a57be89d88f5af9e9fa984e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230505/c3eb0c12/attachment.htm>
More information about the debian-security-tracker-commits
mailing list