[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2023-29839/hoteldruid as no-dsa for bullseye
Utkarsh Gupta (@utkarsh)
utkarsh at debian.org
Mon May 15 06:19:06 BST 2023
Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cdbf8473 by Utkarsh Gupta at 2023-05-15T10:48:43+05:30
Mark CVE-2023-29839/hoteldruid as no-dsa for bullseye
- - - - -
37f2f02b by Utkarsh Gupta at 2023-05-15T10:48:46+05:30
Mark iotjs CVEs as ignored for buster; following bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -214,18 +214,22 @@ CVE-2023-32070 (XWiki Platform is a generic wiki platform. Prior to version 14.6
CVE-2023-31910 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buff ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5076
CVE-2023-31908 (Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buff ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5067
CVE-2023-31907 (Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5073
CVE-2023-31906 (Jerryscript 3.0.0(commit 1a2c047) was discovered to contain a heap-buf ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5066
CVE-2023-31568 (Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ...)
- libpodofo <not-affected> (Vulnerable code not present)
@@ -3661,6 +3665,7 @@ CVE-2023-30415
CVE-2023-30414 (Jerryscript commit 1a2c047 was discovered to contain a stack overflow ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5051
CVE-2023-30413
RESERVED
@@ -3671,18 +3676,21 @@ CVE-2023-30411
CVE-2023-30410 (Jerryscript commit 1a2c047 was discovered to contain a stack overflow ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5052
CVE-2023-30409
RESERVED
CVE-2023-30408 (Jerryscript commit 1a2c047 was discovered to contain a segmentation vi ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5057
CVE-2023-30407
RESERVED
CVE-2023-30406 (Jerryscript commit 1a2c047 was discovered to contain a segmentation vi ...)
- iotjs <removed>
[bullseye] - iotjs <ignored> (Minor issue)
+ [buster] - iotjs <ignored> (Minor issue)
NOTE: https://github.com/jerryscript-project/jerryscript/issues/5058
CVE-2023-30405 (A cross-site scripting (XSS) vulnerability in Aigital Wireless-N Repea ...)
NOT-FOR-US: Aigital
@@ -4865,6 +4873,7 @@ CVE-2023-29840
CVE-2023-29839 (A Stored Cross Site Scripting (XSS) vulnerability exists in multiple p ...)
- hoteldruid <unfixed> (bug #1035671)
[bullseye] - hoteldruid <no-dsa> (Minor issue)
+ [buster] - hoteldruid <no-dsa> (Minor issue)
NOTE: https://github.com/jichngan/CVE-2023-29839
NOTE: Fixed upstream in 3.0.5
CVE-2023-29838
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4b679aefb7a1c68fdaf21219621bf851445a0641...37f2f02b581e7c4e8063b16df657bf335703ec48
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4b679aefb7a1c68fdaf21219621bf851445a0641...37f2f02b581e7c4e8063b16df657bf335703ec48
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230515/b7ac7f33/attachment.htm>
More information about the debian-security-tracker-commits
mailing list