[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu May 11 14:51:48 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
30320f7d by Moritz Muehlenhoff at 2023-05-11T15:51:17+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2023-2642 (A vulnerability classified as critical has been found in SourceCo
CVE-2023-2641 (A vulnerability was found in SourceCodester Online Internship Manageme ...)
NOT-FOR-US: SourceCodester Online Internship Management System
CVE-2023-32076 (in-toto is a framework to protect supply chain integrity. The in-toto ...)
- - in-toto <unfixed>
+ - in-toto <unfixed> (bug #1035934)
NOTE: https://github.com/in-toto/in-toto/security/advisories/GHSA-wc64-c5rv-32pf
NOTE: https://github.com/in-toto/in-toto/commit/3a21d84f40811b7d191fa7bd17265c1f99599afd
CVE-2023-32070 (XWiki Platform is a generic wiki platform. Prior to version 14.6-rc-1, ...)
@@ -47,7 +47,7 @@ CVE-2023-31906 (Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a he
[bullseye] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5066
CVE-2023-31568 (Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #1035935)
NOTE: https://github.com/podofo/podofo/issues/72
NOTE: Fixed by: https://github.com/podofo/podofo/commit/29d59f604b37159e938a2f46acd4856cfd1e7bac
CVE-2023-31567 (Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ...)
@@ -59,11 +59,11 @@ CVE-2023-31566 (Podofo v0.10.0 was discovered to contain a heap-use-after-free v
CVE-2023-31557 (xpdf pdfimages v4.04 was discovered to contain a stack overflow in the ...)
TODO: check
CVE-2023-31556 (podofoinfo 0.10.0 was discovered to contain a segmentation violation v ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #1035935)
NOTE: https://github.com/podofo/podofo/issues/66
NOTE: https://github.com/podofo/podofo/commit/8d3e9104ea10f8b53a0b5a2a806e6388acd41a40
CVE-2023-31555 (podofoinfo 0.10.0 was discovered to contain a segmentation violation v ...)
- - libpodofo <unfixed>
+ - libpodofo <unfixed> (bug #1035935)
NOTE: https://github.com/podofo/podofo/issues/67
NOTE: https://github.com/podofo/podofo/commit/3759eb6aae7c01f2d8670f16ac46f5e116c7f468
CVE-2023-31554 (xpdf pdfimages v4.04 was discovered to contain a stack overflow in the ...)
@@ -1025,7 +1025,7 @@ CVE-2023-31139 (DHIS2 Core contains the service layer and Web API for DHIS2, an
CVE-2023-31138 (DHIS2 Core contains the service layer and Web API for DHIS2, an inform ...)
NOT-FOR-US: DHIS2
CVE-2023-31137 (MaraDNS is open-source software that implements the Domain Name System ...)
- - maradns <unfixed>
+ - maradns <unfixed> (bug #1035936)
NOTE: https://github.com/samboy/MaraDNS/commit/bab062bde40b2ae8a91eecd522e84d8b993bab58
NOTE: https://github.com/samboy/MaraDNS/security/advisories/GHSA-58m7-826v-9c3c
CVE-2023-31136 (PostgresNIO is a Swift client for PostgreSQL. Any user of PostgresNIO ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30320f7dc4d89c53b8716b334aaf1c94048f2e2b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30320f7dc4d89c53b8716b334aaf1c94048f2e2b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230511/12e3256b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list