[Git][security-tracker-team/security-tracker][master] CVE-2023-2650: Use upstream tags for easier version tracking
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue May 30 15:15:02 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6c72d703 by Salvatore Bonaccorso at 2023-05-30T16:13:41+02:00
CVE-2023-2650: Use upstream tags for easier version tracking
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,8 +1,8 @@
CVE-2023-2650 [openssl Possible DoS translating ASN.1 object identifiers]
- openssl <unfixed>
NOTE: https://www.openssl.org/news/secadv/20230530.txt
- NOTE: https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098 (OpenSSL_1_1_1-stable)
- NOTE: https://github.com/openssl/openssl/commit/423a2bc737a908ad0c77bda470b2b59dc879936b (openssl-3.0)
+ NOTE: https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098 (OpenSSL_1_1_1u)
+ NOTE: https://github.com/openssl/openssl/commit/423a2bc737a908ad0c77bda470b2b59dc879936b (openssl-3.0.9)
CVE-2023-34205 (In Moov signedxml through 1.0.0, parsing the raw XML (as received) can ...)
TODO: check
CVE-2023-34204 (imapsync through 2.229 uses predictable paths under /tmp and /var/tmp ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c72d703efbf093a5ac197c3f429a85541aeeb0b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c72d703efbf093a5ac197c3f429a85541aeeb0b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230530/5283a73a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list