[Git][security-tracker-team/security-tracker][master] c-ares fixed in experimental

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon May 22 16:52:44 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c3bad6ef by Moritz Muehlenhoff at 2023-05-22T17:52:15+02:00
c-ares fixed in experimental

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,5 @@
 CVE-2023-32067
+	[experimental] - c-ares 1.19.1-1
 	- c-ares <unfixed>
 	NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
 CVE-2023-33297 (Bitcoin Core before 24.1, when debug mode is not used, allows attacker ...)
@@ -1828,6 +1829,7 @@ CVE-2023-31148 (An Improper Input Validation vulnerability   in the Schweitzer E
 	NOT-FOR-US: Schweitzer Engineering Laboratories
 CVE-2023-31147
 	RESERVED
+	[experimental] - c-ares 1.19.1-1
 	- c-ares <unfixed> (unimportant)
 	NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2
 	NOTE: Any Debian system/port provides /dev/urandom
@@ -1867,6 +1869,7 @@ CVE-2023-31131 (Greenplum Database (GPDB) is an open source data warehouse based
 	NOT-FOR-US: Greenplum Database
 CVE-2023-31130
 	RESERVED
+	[experimental] - c-ares 1.19.1-1
 	- c-ares <unfixed>
 	NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v
 CVE-2023-31129 (The Contiki-NG operating system versions 4.8 and prior can be triggere ...)
@@ -1881,6 +1884,7 @@ CVE-2023-31125 (Engine.IO is the implementation of transport-based cross-browser
 	NOT-FOR-US: Engine.IO
 CVE-2023-31124
 	RESERVED
+	[experimental] - c-ares 1.19.1-1
 	- c-ares <unfixed> (unimportant)
 	NOTE: https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4
 	NOTE: No impact on binaries shipped by Debian



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3bad6ef0e67ab188ebf61c1f75264d19de1dca4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3bad6ef0e67ab188ebf61c1f75264d19de1dca4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230522/cefdab89/attachment.htm>

More information about the debian-security-tracker-commits mailing list