[Git][security-tracker-team/security-tracker][master] Add CVE-2023-468{49,50}/openvpn

Sat Nov 11 08:51:46 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
361ec97e by Salvatore Bonaccorso at 2023-11-11T09:51:19+01:00
Add CVE-2023-468{49,50}/openvpn

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,9 +3,13 @@ CVE-2023-4804 (Anunauthorized user could access debug features in Quantum HD Uni
 CVE-2023-47122 (Gitsign is software for keyless Git signing using Sigstore. In version ...)
 	- gitsign <itp> (bug #1019518)
 CVE-2023-46850 (Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined ...)
-	TODO: check
+	- openvpn <unfixed>
+	NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2023-46850
+	NOTE: https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/
 CVE-2023-46849 (Using the --fragment option in certain configuration setups OpenVPN ve ...)
-	TODO: check
+	- openvpn <unfixed>
+	NOTE: https://community.openvpn.net/openvpn/wiki/CVE-2023-46849
+	NOTE: https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/
 CVE-2023-6076 (A vulnerability classified as problematic was found in PHPGurukul Rest ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2023-6075 (A vulnerability classified as problematic has been found in PHPGurukul ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/361ec97ecce875e6486342097c178a8d2b378ef1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/361ec97ecce875e6486342097c178a8d2b378ef1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231111/9bf9dca1/attachment.htm>
