[Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-0778/libpod
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Nov 3 20:45:21 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e828136e by Salvatore Bonaccorso at 2023-11-03T21:44:43+01:00
Update information for CVE-2023-0778/libpod
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -42056,9 +42056,10 @@ CVE-2023-0779 (At the most basic level, an invalid pointer can be input that cra
NOT-FOR-US: Zephyr
CVE-2023-0778 (A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This is ...)
- libpod 4.3.1+ds1-7 (bug #1032099)
- [bullseye] - libpod <no-dsa> (Minor issue)
+ [bullseye] - libpod <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2168256
- NOTE: https://github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8
+ NOTE: Introduced with: https://github.com/containers/podman/commit/edddfe8c4f7761b12dc64ea4aa0a83b755aa124f (v3.4.0-rc1)
+ NOTE: Fixed by: https://github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8 (v4.5.0-rc1)
CVE-2023-25678
RESERVED
CVE-2023-25677
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e828136e0342397af3b1131bcce1d58203ede2d5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e828136e0342397af3b1131bcce1d58203ede2d5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231103/82e271c9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list