[Git][security-tracker-team/security-tracker][master] bugnums

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59aff79d by Moritz Mühlenhoff at 2023-05-24T15:36:18+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13017,7 +13017,7 @@ CVE-2023-27586 (CairoSVG is an SVG converter based on Cairo, a 2D graphics libra
 	NOTE: Introduced in https://github.com/Kozea/CairoSVG/commit/1ee0889f4015ebaddcf9976d43222e673155797c (0.3)
 CVE-2023-27585 (PJSIP is a free and open source multimedia communication library writt ...)
 	{DLA-3394-1}
-	- asterisk <unfixed>
+	- asterisk <unfixed> (bug #1036697)
 	- pjproject <removed>
 	- ring <unfixed>
 	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-q9cp-8wcq-7pfr
@@ -16906,17 +16906,17 @@ CVE-2023-26120 (This affects all versions of the package com.xuxueli:xxl-job. HT
 CVE-2023-26119 (Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and b ...)
 	NOT-FOR-US: net.sourceforge.htmlunit:htmlunit
 CVE-2023-26118 (Versions of the package angular from 1.4.9 are vulnerable to Regular E ...)
-	- angular.js <unfixed>
+	- angular.js <unfixed> (bug #1036694)
 	[bookworm] - angular.js <no-dsa> (Minor issue)
 	[bullseye] - angular.js <no-dsa> (Minor issue)
 	NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046
 CVE-2023-26117 (Versions of the package angular from 1.0.0 are vulnerable to Regular E ...)
-	- angular.js <unfixed>
+	- angular.js <unfixed> (bug #1036694)
 	[bookworm] - angular.js <no-dsa> (Minor issue)
 	[bullseye] - angular.js <no-dsa> (Minor issue)
 	NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045
 CVE-2023-26116 (Versions of the package angular from 1.2.21 are vulnerable to Regular  ...)
-	- angular.js <unfixed>
+	- angular.js <unfixed> (bug #1036694)
 	[bookworm] - angular.js <no-dsa> (Minor issue)
 	[bullseye] - angular.js <no-dsa> (Minor issue)
 	NOTE: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
@@ -19242,7 +19242,7 @@ CVE-2023-25442 (Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability i
 CVE-2023-25441
 	RESERVED
 CVE-2023-25440 (Stored Cross Site Scripting (XSS) vulnerability in the add contact fun ...)
-	- civicrm <unfixed>
+	- civicrm <unfixed> (bug #1036695)
 CVE-2023-25439
 	RESERVED
 CVE-2023-25438 (An issue was discovered in Genomedics MilleGP5 5.9.2, allows remote at ...)
@@ -96125,7 +96125,7 @@ CVE-2022-25872 (All versions of package fast-string-search are vulnerable to Out
 CVE-2022-25871 (All versions of package querymen are vulnerable to Prototype Pollution ...)
 	NOT-FOR-US: Node querymen
 CVE-2022-25869 (All versions of package angular are vulnerable to Cross-site Scripting ...)
-	- angular.js <unfixed>
+	- angular.js <unfixed> (bug #1036694)
 	[bookworm] - angular.js <no-dsa> (Minor issue)
 	[bullseye] - angular.js <no-dsa> (Minor issue)
 	[buster] - angular.js <no-dsa> (Minor issue)
@@ -310062,7 +310062,7 @@ CVE-2018-20589 (Ivan Cordoba Generic Content Management System (CMS) through 201
 CVE-2018-20588 (lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-a ...)
 	NOT-FOR-US: otfcc
 CVE-2018-20587 (Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0. ...)
-	- bitcoin <unfixed>
+	- bitcoin <unfixed> (bug #1036696)
 	NOTE: https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2018-20587
 	NOTE: Documentation of issue: https://github.com/bitcoin/bitcoin/pull/15223
 CVE-2018-20586 (bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary d ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59aff79d1245e6c96cb8d2a8f6e2becb4bd8c140

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59aff79d1245e6c96cb8d2a8f6e2becb4bd8c140
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230524/68dfe0d1/attachment.htm>