[Git][security-tracker-team/security-tracker][master] Track fixes for linux issues via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Oct 22 20:35:20 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b42151d8 by Salvatore Bonaccorso at 2023-10-22T21:34:50+02:00
Track fixes for linux issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2023-XXXX [SQUID-2023:1 Request/Response smuggling in HTTP/1.1 and ICAP]
 	- squid3 <removed>
 	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh
 CVE-2023-5178
-	- linux <unfixed>
+	- linux 6.5.8-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2241924
 	NOTE: https://git.kernel.org/linus/d920abd1e7c4884f9ecd0749d1921b7ab19ddfbd
 CVE-2023-5625
@@ -216,7 +216,7 @@ CVE-2023-34045 (VMware Fusion(13.x prior to 13.5)contains a local privilege esca
 CVE-2023-34044 (VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) ...)
 	NOT-FOR-US: VMware
 CVE-2023-5090 [x86: KVM: SVM: always update the x2avic msr interception]
-	- linux <unfixed>
+	- linux 6.5.8-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/b65235f6e102354ccafda601eaa1c5bef5284d21
@@ -2360,7 +2360,7 @@ CVE-2023-44487 (The HTTP/2 protocol allows a denial of service (server resource
 	NOTE: - apache2: https://chaos.social/@icing/111210915918780532
 	NOTE: - lighttpd: https://www.openwall.com/lists/oss-security/2023/10/13/9
 CVE-2023-34324 [linux/xen: Possible deadlock in Linux kernel event handling]
-	- linux <unfixed>
+	- linux 6.5.8-1
 	NOTE: https://xenbits.xen.org/xsa/advisory-441.html
 	NOTE: https://git.kernel.org/linus/87797fad6cce28ec9be3c13f031776ff4f104cfc (6.6-rc6)
 CVE-2023-34328 [A PV vCPU can place a breakpoint over the live GDT]
@@ -22884,7 +22884,7 @@ CVE-2023-31084 (An issue was discovered in drivers/media/dvb-core/dvb_frontend.c
 	- linux 6.3.7-1
 	NOTE: https://lore.kernel.org/all/CA+UBctCu7fXn4q41O_3=id1+OdyQ85tZY1x+TkT-6OVBL6KAUw@mail.gmail.com/
 CVE-2023-31083 (An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux  ...)
-	- linux <unfixed>
+	- linux 6.5.8-1
 	NOTE: https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g@mail.gmail.com/
 CVE-2023-31082 (An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2 ...)
 	- linux <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b42151d8edc6e1ea5a830a4c4147cf90b155a611

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b42151d8edc6e1ea5a830a4c4147cf90b155a611
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231022/4568ef43/attachment.htm>

More information about the debian-security-tracker-commits mailing list