[Git][security-tracker-team/security-tracker][master] openssl fixed in sid

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d0aee7a by Moritz Muehlenhoff at 2023-05-30T20:02:11+02:00
openssl fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2023-2650 [openssl Possible DoS translating ASN.1 object identifiers]
-	- openssl <unfixed>
+	- openssl 3.0.9-1
 	NOTE: https://www.openssl.org/news/secadv/20230530.txt
 	NOTE: https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098 (OpenSSL_1_1_1u)
 	NOTE: https://github.com/openssl/openssl/commit/423a2bc737a908ad0c77bda470b2b59dc879936b (openssl-3.0.9)
@@ -12701,7 +12701,7 @@ CVE-2023-1257 (An attacker with physical access to the affected Moxa UC Series d
 CVE-2023-1256 (The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server ar ...)
 	NOT-FOR-US: AVEVA Plant SCADA and AVEVA Telemetry Server
 CVE-2023-1255 (Issue summary: The AES-XTS cipher decryption implementation for 64 bit ...)
-	- openssl <unfixed> (bug #1034720)
+	- openssl 3.0.9-1 (bug #1034720)
 	[bookworm] - openssl <postponed> (Minor issue, fix along with next security release)
 	[bullseye] - openssl <not-affected> (Vulnerable code not present)
 	[buster] - openssl <not-affected> (Vulnerable code not present)
@@ -22689,7 +22689,7 @@ CVE-2023-0468 (A use-after-free flaw was found in io_uring/poll.c in io_poll_che
 CVE-2023-0467 (The WP Dark Mode WordPress plugin before 4.0.8 does not properly sanit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-0466 (The function X509_VERIFY_PARAM_add0_policy() is documented to implicit ...)
-	- openssl <unfixed> (bug #1034720)
+	- openssl 3.0.9-1 (bug #1034720)
 	[bookworm] - openssl <no-dsa> (Minor issue)
 	[bullseye] - openssl <no-dsa> (Minor issue)
 	[buster] - openssl <no-dsa> (Minor issue)
@@ -22697,7 +22697,7 @@ CVE-2023-0466 (The function X509_VERIFY_PARAM_add0_policy() is documented to imp
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=51e8a84ce742db0f6c70510d0159dad8f7825908 (openssl-3.0)
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a (OpenSSL_1_1_1-stable)
 CVE-2023-0465 (Applications that use a non-default option when verifying certificates ...)
-	- openssl <unfixed> (bug #1034720)
+	- openssl 3.0.9-1 (bug #1034720)
 	[bookworm] - openssl <no-dsa> (Minor issue)
 	[bullseye] - openssl <no-dsa> (Minor issue)
 	[buster] - openssl <no-dsa> (Minor issue)
@@ -22705,7 +22705,7 @@ CVE-2023-0465 (Applications that use a non-default option when verifying certifi
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1dd43e0709fece299b15208f36cc7c76209ba0bb (openssl-3.0)
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=b013765abfa80036dc779dd0e50602c57bb3bf95 (OpenSSL_1_1_1-stable)
 CVE-2023-0464 (A security vulnerability has been identified in all supported versions ...)
-	- openssl <unfixed> (bug #1034720)
+	- openssl 3.0.9-1 (bug #1034720)
 	[bookworm] - openssl <no-dsa> (Minor issue)
 	[bullseye] - openssl <no-dsa> (Minor issue)
 	[buster] - openssl <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d0aee7a443e2cdc15a5f55dca8a37f1b1e10d72

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d0aee7a443e2cdc15a5f55dca8a37f1b1e10d72
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230530/f8b295b1/attachment-0001.htm>