[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-38469/avahi as no-dsa
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 5 22:26:34 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6ae69d5f by Salvatore Bonaccorso at 2023-10-05T23:26:01+02:00
Mark CVE-2023-38469/avahi as no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -107,6 +107,8 @@ CVE-2023-38470
NOTE: https://github.com/lathiat/avahi/issues/454
CVE-2023-38469
- avahi <unfixed>
+ [bookworm] - avahi <no-dsa> (Minor issue; can be mitigated by setting disable-user-service-publishing to yes)
+ [bullseye] - avahi <no-dsa> (Minor issue; can be mitigated by setting disable-user-service-publishing to yes)
NOTE: https://github.com/lathiat/avahi/issues/455
CVE-2023-5402 (ACWE-269: Improper Privilege Management vulnerability existsthat could ...)
NOT-FOR-US: Schneider Electric
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ae69d5f9048900066fa56bf70d88bd2f9c1ebe9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ae69d5f9048900066fa56bf70d88bd2f9c1ebe9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231005/56df78ee/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list