[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 17 14:34:10 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0fe51f8c by Moritz Muehlenhoff at 2023-05-17T15:33:43+02:00
bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -46,6 +46,7 @@ CVE-2023-2738 (A vulnerability classified as critical has been found in Tongda O
 	TODO: check
 CVE-2023-2731 [null pointer deference in LZWDecode() in libtiff/tif_lzw.c]
 	- tiff <unfixed>
+	[bullseye] - tiff <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/548
 	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/9be22b639ea69e102d3847dca4c53ef025e9527b
 CVE-2023-2730 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
@@ -581,6 +582,7 @@ CVE-2023-2614 (Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pim
 	NOT-FOR-US: pimcore
 CVE-2023-2610 (Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ...)
 	- vim <unfixed> (bug #1035955)
+	[bullseye] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d
 	NOTE: https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a (v9.0.1532)
 CVE-2023-32216
@@ -3776,6 +3778,7 @@ CVE-2023-1981 [avahi-daemon can be crashed via DBus]
 	RESERVED
 	{DLA-3414-1}
 	- avahi 0.8-10 (bug #1034594)
+	[bullseye] - avahi <no-dsa> (Minor issue)
 	NOTE: https://github.com/lathiat/avahi/issues/375
 	NOTE: https://github.com/lathiat/avahi/pull/407
 	NOTE: https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f


=====================================
data/dsa-needed.txt
=====================================
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
+--
+asterisk
 --
 chromium
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fe51f8cfdbd10a7fe4092deaeec7741280c5494

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fe51f8cfdbd10a7fe4092deaeec7741280c5494
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230517/fa93f220/attachment.htm>

More information about the debian-security-tracker-commits mailing list