[Git][security-tracker-team/security-tracker][master] symfony spu/ospu

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Nov 15 18:48:39 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab70491f by Moritz Mühlenhoff at 2023-11-15T19:48:00+01:00
symfony spu/ospu

- - - - -


3 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -858,10 +858,13 @@ CVE-2023-46735 (Symfony is a PHP framework for web and console applications and
 	NOTE: https://github.com/symfony/symfony/commit/8128c302430394f639e818a7103b3f6815d8d962 (v6.3.8)
 CVE-2023-46734 (Symfony is a PHP framework for web and console applications and a set  ...)
 	- symfony 5.4.31+dfsg-1 (bug #1055774)
+	[bookworm] - symfony <no-dsa> (Minor issue)
+	[bullseye] - symfony <no-dsa> (Minor issue)
 	NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-q847-2q57-wmr3
 	NOTE: https://github.com/symfony/symfony/commit/9da9a145ce57e4585031ad4bee37c497353eec7c (v4.4.51, v5.4.31, v6.3.8)
 CVE-2023-46733 (Symfony is a PHP framework for web and console applications and a set  ...)
 	- symfony 5.4.31+dfsg-1 (bug #1055775)
+	[bookworm] - symfony <no-dsa> (Minor issue)
 	[bullseye] - symfony <not-affected> (Vulnerable code introduced later)
 	[buster] - symfony <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-m2wj-r6g3-fxfx


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -80,3 +80,5 @@ CVE-2023-46586
 	[bullseye] - weborf 0.17-3+deb11u1
 CVE-2021-33880
 	[bullseye] - python-websockets 8.1-1+deb11u1
+CVE-2023-46734
+	[bullseye] - symfony 4.4.19+dfsg-2+deb11u4


=====================================
data/next-point-update.txt
=====================================
@@ -64,3 +64,7 @@ CVE-2023-37369
 	[bookworm] - qtbase-opensource-src 5.15.8+dfsg-11+deb12u1
 CVE-2023-38197
 	[bookworm] - qtbase-opensource-src 5.15.8+dfsg-11+deb12u1
+CVE-2023-46734
+	[bookworm] - symfony 5.4.23+dfsg-1+deb12u1
+CVE-2023-46733
+	[bookworm] - symfony 5.4.23+dfsg-1+deb12u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab70491fc36e274e8a449873b2c9d75bb406ebce

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab70491fc36e274e8a449873b2c9d75bb406ebce
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231115/15b8c893/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list