[Git][security-tracker-team/security-tracker][master] Add CVE-2023-44488/libvpx
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Oct 1 06:45:40 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97df0885 by Salvatore Bonaccorso at 2023-10-01T07:44:59+02:00
Add CVE-2023-44488/libvpx
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,7 +17,10 @@ CVE-2023-5300 (A vulnerability classified as critical has been found in TTSPlann
CVE-2023-5207 (A vulnerability was discovered in GitLab CE and EE affecting all versi ...)
TODO: check
CVE-2023-44488 (VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash rela ...)
- TODO: check
+ - libvpx <unfixed>
+ NOTE: https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f
+ NOTE: https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937
+ NOTE: http://www.openwall.com/lists/oss-security/2023/09/30/4
CVE-2022-4956 (A vulnerability classified as critical has been found in Caphyon Advan ...)
NOT-FOR-US: Caphyon Advanced Installer
CVE-2023-5320 (Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfa ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97df08859ca2f3d3ad17654b9ddf459a54e4c748
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97df08859ca2f3d3ad17654b9ddf459a54e4c748
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231001/d01442e9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list