[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 19 11:26:07 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f474a2a5 by Moritz Muehlenhoff at 2023-05-19T12:25:53+02:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -453,6 +453,7 @@ CVE-2023-32758 (giturlparse (aka git-url-parse) through 1.2.2, as used in Semgre
CVE-2023-2700 (A vulnerability was found in libvirt. This security flaw ouccers due t ...)
[experimental] - libvirt 9.3.0-1
- libvirt <unfixed> (bug #1036297)
+ [bullseye] - libvirt <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2203653
NOTE: Fixed by: https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585 (v9.3.0)
CVE-2023-2699 (A vulnerability, which was classified as critical, has been found in S ...)
@@ -8463,16 +8464,19 @@ CVE-2023-28843 (PrestaShop/paypal is an open source module for the PrestaShop we
NOT-FOR-US: PrestaShop
CVE-2023-28842 (Moby) is an open source container framework developed by Docker Inc. t ...)
- docker.io 20.10.24+dfsg1-1
+ [bullseye] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p
NOTE: https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333
CVE-2023-28841 (Moby is an open source container framework developed by Docker Inc. th ...)
- docker.io 20.10.24+dfsg1-1
+ [bullseye] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237
NOTE: https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333
NOTE: https://github.com/moby/moby/issues/43382
NOTE: https://github.com/moby/moby/pull/45118
CVE-2023-28840 (Moby is an open source container framework developed by Docker Inc. th ...)
- docker.io 20.10.24+dfsg1-1
+ [bullseye] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp
NOTE: https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333
NOTE: https://github.com/moby/moby/issues/43382
=====================================
data/dsa-needed.txt
=====================================
@@ -23,6 +23,12 @@ linux (carnil)
Wait until more issues have piled up, though try to regulary rebase for point
releases to more recent v5.10.y versions
--
+libraw
+--
+libssh
+--
+libwebp (jmm)
+--
nbconvert
--
netatalk
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f474a2a5c477a7e077c8c23a40e1dafec15699d6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f474a2a5c477a7e077c8c23a40e1dafec15699d6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230519/ff372f7f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list