[Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Nov 17 09:13:19 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7c17f80f by Moritz Muehlenhoff at 2023-11-17T10:12:46+01:00
bullseye/bookworm triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,33 +17,40 @@ CVE-2023-48649 (Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows stored XS
CVE-2023-48648 (Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized ac ...)
NOT-FOR-US: Concrete CMS
CVE-2023-48237 (Vim is an open source command line text editor. In affected versions w ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-f2m2-v387-gv87
NOTE: https://github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e (v9.0.2112)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48236 (Vim is an open source command line text editor. When using the z= comm ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-pr4c-932v-8hx5
NOTE: https://github.com/vim/vim/commit/73b2d3790cad5694fc0ed0db2926e4220c48d968 (v9.0.2111)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48235 (Vim is an open source command line text editor. When parsing relative ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-6g74-hr6q-pr8g
NOTE: https://github.com/vim/vim/commit/060623e4a3bc72b011e7cd92bedb3bfb64e06200 (v9.0.2110)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48234 (Vim is an open source command line text editor. When getting the count ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-59gw-c949-6phq
NOTE: https://github.com/vim/vim/commit/58f9befca1fa172068effad7f2ea5a9d6a7b0cca (v9.0.2109)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48233 (Vim is an open source command line text editor. If the count after the ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-3xx4-hcq6-r2vj
NOTE: https://github.com/vim/vim/commit/ac63787734fda2e294e477af52b3bd601517fa78 (v9.0.2108)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48232 (Vim is an open source command line text editor. A floating point excep ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-f6cx-x634-hqpw
NOTE: https://github.com/vim/vim/commit/cb0b99f0672d8446585d26e998343dceca17d1ce (v9.0.2107)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48231 (Vim is an open source command line text editor. When closing a window, ...)
- - vim <unfixed>
+ - vim <unfixed> (unimportant)
NOTE: https://github.com/vim/vim/security/advisories/GHSA-8g46-v9ff-c765
NOTE: https://github.com/vim/vim/commit/25aabc2b8ee1e19ced6f4da9d866cf9378fc4c5a (v9.0.2106)
+ NOTE: Self-inflicted crash, no security impact
CVE-2023-48222 (Rundeck is an open source automation service with a web console, comma ...)
TODO: check
CVE-2023-48078 (SQL Injection vulnerability in add.php in Simple CRUD Functionality v1 ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -19,12 +19,16 @@ dnsdist (jmm)
fastdds
Awaiting feedback from maintainer on bullseye status
--
+frr
+--
gimp (carnil)
--
gpac/oldstable
--
gst-plugins-bad1.0 (carnil)
--
+h2o (jmm)
+--
intel-microcode (carnil)
wait for exposure of update in unstable
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c17f80f6ed5b997c00b5567c23d35b9b25aba15
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c17f80f6ed5b997c00b5567c23d35b9b25aba15
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231117/429c2af5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list