[Git][security-tracker-team/security-tracker][master] ncurses spu

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7f9b0be by Moritz Mühlenhoff at 2023-05-27T10:44:30+02:00
ncurses spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,7 +53,7 @@ CVE-2023-33780 (A stored cross-site scripting (XSS) vulnerability in TFDi Design
 CVE-2023-33779 (A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows  ...)
 	NOT-FOR-US: XXL-Job
 CVE-2023-33720 (mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4 ...)
-	NOT-FOR-US: mp4v2
+	- mp4v2 <removed>
 CVE-2023-33440 (Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitra ...)
 	NOT-FOR-US: Sourcecodester Faculty Evaluation System
 CVE-2023-33439 (Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Inj ...)
@@ -6558,7 +6558,7 @@ CVE-2023-29586 (Code Sector TeraCopy 3.9.7 does not perform proper access valida
 CVE-2023-29585
 	RESERVED
 CVE-2023-29584 (mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the  ...)
-	NOT-FOR-US: mp4v2
+	- mp4v2 <removed>
 CVE-2023-29583 (yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via th ...)
 	- yasm <unfixed> (unimportant)
 	NOTE: https://github.com/yasm/yasm/issues/218
@@ -6581,7 +6581,7 @@ CVE-2023-29579 (yasm 1.3.0.55.g101bc was discovered to contain a stack overflow
 	[buster] - yasm <no-dsa> (Minor issue)
 	NOTE: https://github.com/yasm/yasm/issues/214
 CVE-2023-29578 (mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the  ...)
-	NOT-FOR-US: MP4v2
+	- mp4v2 <removed>
 CVE-2023-29577
 	RESERVED
 CVE-2023-29576 (Bento4 v1.6.0-639 was discovered to contain a segmentation violation v ...)
@@ -10360,9 +10360,9 @@ CVE-2023-1452 (A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master
 	NOTE: https://github.com/gpac/gpac/issues/2386
 	NOTE: https://github.com/gpac/gpac/commit/a5efec8187de02d1f0a412140b0bf030a6747d3f
 CVE-2023-1451 (A vulnerability was found in MP4v2 2.1.2. It has been classified as pr ...)
-	NOT-FOR-US: MP4v2
+	- mp4v2 <removed>
 CVE-2023-1450 (A vulnerability was found in MP4v2 2.1.2 and classified as problematic ...)
-	NOT-FOR-US: MP4v2
+	- mp4v2 <removed>
 CVE-2023-1449 (A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master ...)
 	{DSA-5411-1}
 	- gpac <unfixed> (bug #1034187)


=====================================
data/next-point-update.txt
=====================================
@@ -77,3 +77,5 @@ CVE-2023-27538
 	[bullseye] - curl 7.74.0-1.3+deb11u8
 CVE-2021-33797
 	[bullseye] - mujs 1.1.0-1+deb11u3
+CVE-2023-29491
+	[bullseye] - ncurses 6.2+20201114-2+deb11u2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7f9b0be8921933cac1340e709e161d8fa5aabab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7f9b0be8921933cac1340e709e161d8fa5aabab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230527/2cd01234/attachment.htm>