[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Oct 23 19:47:35 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19aee39d by Moritz Muehlenhoff at 2023-10-23T20:47:06+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -306,7 +306,7 @@ CVE-2023-46287 (XSS exists in NagVis before 1.9.38 via the select function in sh
 CVE-2023-46117 (reconFTW is a tool designed to perform automated recon on a target dom ...)
 	NOT-FOR-US: reconFTW
 CVE-2023-45805 (pdm is a Python package and dependency manager supporting the latest P ...)
-	- pdm <unfixed>
+	- pdm <unfixed> (bug #1054428)
 	[bookworm] - pdm <no-dsa> (Minor issue)
 	NOTE: https://github.com/pdm-project/pdm/security/advisories/GHSA-j44v-mmf2-xvm9
 	NOTE: https://github.com/pdm-project/pdm/commit/6853e2642dfa281d4a9958fbc6c95b7e32d84831
@@ -1013,7 +1013,7 @@ CVE-2023-42459 (Fast DDS is a C++ implementation of the DDS (Data Distribution S
 	NOTE: https://github.com/eProsima/Fast-DDS/pull/3824
 	NOTE: https://github.com/eProsima/Fast-DDS/commit/1e978c6f3d0ca1df6b323b37fd4902b0762ececb
 CVE-2023-41752 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	- trafficserver <unfixed>
+	- trafficserver <unfixed> (bug #1054427)
 	NOTE: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
 	NOTE: https://github.com/apache/trafficserver/commit/334839cb7a6724c71a5542e924251a8d931774b0 (8.1.x)
 	NOTE: https://github.com/apache/trafficserver/commit/de7c8a78edd5b75e311561dfaa133e9d71ea8a5e (9.2.x)
@@ -1028,7 +1028,7 @@ CVE-2023-40373 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server
 CVE-2023-40372 (IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 ...)
 	NOT-FOR-US: IBM
 CVE-2023-39456 (Improper Input Validation vulnerability in Apache Traffic Server with  ...)
-	- trafficserver <unfixed>
+	- trafficserver <unfixed> (bug #1054427)
 	[bullseye] - trafficserver <not-affected> (Vulnerable code not present)
 	[buster] - trafficserver <not-affected> (Vulnerable code not present)
 	NOTE: https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19aee39d9c4b1536defb8882679e3308993eb142

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19aee39d9c4b1536defb8882679e3308993eb142
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231023/c11f07c3/attachment.htm>

More information about the debian-security-tracker-commits mailing list