[Git][security-tracker-team/security-tracker][master] more sudo-rs references
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Nov 5 20:26:30 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e72cb96a by Moritz Muehlenhoff at 2023-11-05T21:25:56+01:00
more sudo-rs references
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7523,6 +7523,8 @@ CVE-2023-42456 (Sudo-rs, a memory safe implementation of sudo and su, allows use
- rust-sudo-rs <not-affected> (Fixed with first upload to Debian in unstable)
NOTE: https://github.com/memorysafety/sudo-rs/security/advisories/GHSA-2r3c-m6v7-9354
NOTE: https://github.com/memorysafety/sudo-rs/commit/bfdbda22968e3de43fa8246cab1681cfd5d5493d (v0.2.1)
+ NOTE: https://www.openwall.com/lists/oss-security/2023/11/02/1
+ NOTE: https://ferrous-systems.com/blog/sudo-rs-audit/
CVE-2023-42280 (mee-admin 1.5 is vulnerable to Directory Traversal. The download metho ...)
NOT-FOR-US: mee-admin
CVE-2023-42279 (Dreamer CMS 4.1.3 is vulnerable to SQL Injection.)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e72cb96a89aa28c2acf1f62b94c7f9a75fb93f6c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e72cb96a89aa28c2acf1f62b94c7f9a75fb93f6c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231105/7507c61a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list