[Git][security-tracker-team/security-tracker][master] Marked a few CVEs as end-of-life for buster.
Ola Lundqvist (@opal)
opal at debian.org
Fri Sep 29 19:47:30 BST 2023
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
56490f6a by Ola Lundqvist at 2023-09-29T18:46:49+00:00
Marked a few CVEs as end-of-life for buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -519,6 +519,7 @@ CVE-2023-41078 (An authorization issue was addressed with improved state managem
TODO: check
CVE-2023-41074 (The issue was addressed with improved checks. This issue is fixed in t ...)
- webkit2gtk 2.42.0-1
+ [buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.42.0-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
NOTE: https://webkitgtk.org/security/WSA-2023-0009.html
@@ -575,6 +576,7 @@ CVE-2023-40452 (The issue was addressed with improved bounds checks. This issue
CVE-2023-40451 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
{DSA-5468-1}
- webkit2gtk 2.40.5-1
+ [buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.40.5-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
NOTE: https://webkitgtk.org/security/WSA-2023-0009.html
@@ -649,6 +651,7 @@ CVE-2023-40330 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mi
CVE-2023-39434 (A use-after-free issue was addressed with improved memory management. ...)
{DSA-5468-1}
- webkit2gtk 2.40.5-1
+ [buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.40.5-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
NOTE: https://webkitgtk.org/security/WSA-2023-0009.html
@@ -671,6 +674,7 @@ CVE-2023-35793 (An issue was discovered in Cassia Access Controller 2.1.1.230327
CVE-2023-35074 (The issue was addressed with improved memory handling. This issue is f ...)
{DSA-5396-1}
- webkit2gtk 2.40.0-1
+ [buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.40.2-2
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
NOTE: https://webkitgtk.org/security/WSA-2023-0009.html
@@ -1210,6 +1214,7 @@ CVE-2023-42279 (Dreamer CMS 4.1.3 is vulnerable to SQL Injection.)
NOT-FOR-US: Dreamer CMS
CVE-2023-41993 (The issue was addressed with improved checks. This issue is fixed in S ...)
- webkit2gtk 2.42.1-1
+ [buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.42.1-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
NOTE: https://webkitgtk.org/security/WSA-2023-0009.html
@@ -2090,6 +2095,7 @@ CVE-2023-3280 (A problem with a protection mechanism in the Palo Alto Networks C
NOT-FOR-US: Palo Alto Networks
CVE-2023-39928 [A malicious web page can cause memory corruption and potentially arbitrary code execution]
- webkit2gtk 2.42.0-1
+ [buster] - webkit2gtk <end-of-life> (EOL in buster LTS)
- wpewebkit 2.42.0-1
[bookworm] - wpewebkit <ignored> (wpewebkit not covered by security support in Bookworm)
NOTE: https://webkitgtk.org/security/WSA-2023-0009.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56490f6ace0a0e70202d214015e58c73229b93f5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56490f6ace0a0e70202d214015e58c73229b93f5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230929/90453b9d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list