[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Nov 9 09:12:51 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
34647b7b by Moritz Muehlenhoff at 2023-11-09T10:12:09+01:00
bullseye/bookworm triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8006,6 +8006,8 @@ CVE-2023-43644 (Sing-box is an open source proxy system. Affected versions are s
NOT-FOR-US: sing-box
CVE-2023-43642 (snappy-java is a Java port of the snappy, a fast C++ compresser/decomp ...)
- snappy-java 1.1.10.5-1 (bug #1053474)
+ [bookworm] - snappy-java <no-dsa> (Minor issue)
+ [bullseye] - snappy-java <no-dsa> (Minor issue)
NOTE: https://github.com/xerial/snappy-java/commit/9f8c3cf74223ed0a8a834134be9c917b9f10ceb5 (v1.1.10.4)
NOTE: https://github.com/xerial/snappy-java/security/advisories/GHSA-55g7-9cwv-5qfv
CVE-2023-43458 (Cross Site Scripting (XSS) vulnerability in Resort Reservation System ...)
@@ -125639,7 +125641,7 @@ CVE-2022-24576 (GPAC 1.0.1 is affected by Use After Free through MP4Box.)
NOTE: https://github.com/gpac/gpac/commit/96699aabae042f8f55cf8a85fa5758e3db752bae (v2.0.0)
CVE-2022-24575 (GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box ...)
- gpac 2.0.0+dfsg1-2
- [bullseye] - gpac <no-dsa> (Minor issue)
+ [bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
[stretch] - gpac <end-of-life> (No longer supported in LTS)
NOTE: https://github.com/gpac/gpac/issues/2058
@@ -136976,7 +136978,7 @@ CVE-2021-45289 (A vulnerability exists in GPAC 1.0.1 due to an omission of secur
NOTE: https://github.com/gpac/gpac/commit/5e1f084e0c6ad2736c9913715c4abb57c554209d (v2.0.0)
CVE-2021-45288 (A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which ...)
- gpac 2.0.0+dfsg1-2
- [bullseye] - gpac <no-dsa> (Minor issue)
+ [bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
[stretch] - gpac <end-of-life> (No longer supported in LTS)
NOTE: https://github.com/gpac/gpac/issues/1956
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34647b7b70c7b1c853f012b5af50ee250a880780
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34647b7b70c7b1c853f012b5af50ee250a880780
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231109/42b60e13/attachment.htm>
More information about the debian-security-tracker-commits
mailing list