[Git][security-tracker-team/security-tracker][master] 3 commits: Merge linux changes for bookworm 12.5
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Feb 10 09:24:37 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a3afca0 by Salvatore Bonaccorso at 2024-02-06T22:01:38+01:00
Merge linux changes for bookworm 12.5
- - - - -
e0dcd7c0 by Salvatore Bonaccorso at 2024-02-06T22:04:12+01:00
Merge changes for updates with CVEs via bookworm 12.5
- - - - -
2415d828 by Salvatore Bonaccorso at 2024-02-10T09:24:21+00:00
Merge branch 'bookworm-12.5' into 'master'
Merge changes accepted for bookworm 12.5 release
See merge request security-tracker-team/security-tracker!163
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1965,10 +1965,12 @@ CVE-2024-1087
REJECTED
CVE-2024-1086 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
- linux 6.6.15-1
+ [bookworm] - linux 6.1.76-1
NOTE: https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660
NOTE: https://git.kernel.org/linus/f342de4e2f33e0e39165d8639387aa6c19dff660 (6.8-rc2)
CVE-2024-1085 (A use-after-free vulnerability in the Linux kernel's netfilter: nf_tab ...)
- linux 6.6.15-1
+ [bookworm] - linux 6.1.76-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://kernel.dance/b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7
@@ -2453,6 +2455,7 @@ CVE-2024-0986 (A vulnerability was found in Issabel PBX 4.0.0. It has been rated
NOT-FOR-US: Issabel PBX
CVE-2023-52340 [ipv6: remove max_size check inline with ipv4]
- linux 6.3.7-1
+ [bookworm] - linux 6.1.76-1
NOTE: https://git.kernel.org/linus/af6d10345ca76670c1b7c37799f0d5576ccef277 (6.3-rc1)
CVE-2024-0841 (A null pointer dereference flaw was found in the hugetlbfs_fill_super ...)
- linux <unfixed>
@@ -2859,6 +2862,7 @@ CVE-2024-0914 (A timing side-channel vulnerability has been discovered in the op
NOTE: https://people.redhat.com/~hkario/marvin/
CVE-2024-0911 (A flaw was found in Indent. This issue may allow a local user to use a ...)
- indent 2.2.13-4 (unimportant; bug #1061543)
+ [bookworm] - indent 2.2.12-4+deb12u3
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2259883
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2260399
NOTE: https://lists.gnu.org/archive/html/bug-indent/2024-01/msg00001.html
@@ -3355,6 +3359,7 @@ CVE-2024-23850 (In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel
NOTE: https://lore.kernel.org/all/6a80cb4b32af89787dadee728310e5e2ca85343f.1705741883.git.wqu%40suse.com/
CVE-2024-23849 (In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel thro ...)
- linux 6.6.15-1
+ [bookworm] - linux 6.1.76-1
NOTE: https://lore.kernel.org/netdev/1705715319-19199-1-git-send-email-sharath.srinivasan%40oracle.com/
CVE-2024-23848 (In the Linux kernel through 6.7.1, there is a use-after-free in cec_qu ...)
- linux <unfixed>
@@ -3377,6 +3382,7 @@ CVE-2024-23180 (Improper input validation vulnerability in a-blog cms Ver.3.1.x
NOT-FOR-US: a-blog cms
CVE-2024-22705 (An issue was discovered in ksmbd in the Linux kernel before 6.6.10. sm ...)
- linux 6.6.11-1
+ [bookworm] - linux 6.1.76-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d10c77873ba1e9e6b91905018e29e196fd5f863d (6.7-rc8)
@@ -3708,18 +3714,19 @@ CVE-2020-36771 (CloudLinux CageFS 7.1.1-1 or below passes the authentication to
NOT-FOR-US: CloudLinux CageFS
CVE-2023-46840 [VT-d: Failure to quarantine devices in !HVM builds]
- xen 4.17.3+10-g091466ba55-1
- [bookworm] - xen <postponed> (Fix along in next update)
+ [bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
[bullseye] - xen <not-affected> (Vulnerable code not present)
[buster] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-450.html
CVE-2023-46839 [pci: phantom functions assigned to incorrect contexts]
- xen 4.17.3+10-g091466ba55-1
- [bookworm] - xen <postponed> (Fix along in next update)
+ [bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
[bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-449.html
CVE-2023-46838 (Transmit requests in Xen's virtual network protocol can consist of mul ...)
- linux 6.6.15-1
+ [bookworm] - linux 6.1.76-1
NOTE: https://xenbits.xen.org/xsa/advisory-448.html
NOTE: https://git.kernel.org/linus/c7ec4f2d684e17d69bbdd7c4324db0ef5daac26a
CVE-2024-23771 (darkhttpd before 1.15 uses strcmp (which is not constant time) to veri ...)
@@ -4187,7 +4194,7 @@ CVE-2023-31274 (AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain
CVE-2024-23525 (The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE att ...)
{DLA-3723-1}
- libspreadsheet-parsexlsx-perl 0.31-1 (bug #1061098)
- [bookworm] - libspreadsheet-parsexlsx-perl <no-dsa> (Slight minor issue; will be fixed in point release)
+ [bookworm] - libspreadsheet-parsexlsx-perl 0.27-3+deb12u2
[bullseye] - libspreadsheet-parsexlsx-perl <no-dsa> (Slight minor issue; will be fixed in point release)
NOTE: https://gist.github.com/phvietan/d1c95a88ab6e17047b0248d6bf9eac4a
NOTE: https://github.com/MichaelDaum/spreadsheet-parsexlsx/issues/10
@@ -4653,7 +4660,7 @@ CVE-2024-0569 (A vulnerability classified as problematic has been found in Totol
NOT-FOR-US: Totolink
CVE-2024-0567 (A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTL ...)
- gnutls28 3.8.3-1 (bug #1061045)
- [bookworm] - gnutls28 <no-dsa> (Minor issue)
+ [bookworm] - gnutls28 3.7.9-2+deb12u2
[bullseye] - gnutls28 <no-dsa> (Minor issue)
[buster] - gnutls28 <no-dsa> (Minor issue)
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1521
@@ -4668,7 +4675,7 @@ CVE-2024-0554 (A Cross-site scripting (XSS) vulnerability has been found on WIC1
NOT-FOR-US: WIC200
CVE-2024-0553 (A vulnerability was found in GnuTLS. The response times to malformed c ...)
- gnutls28 3.8.3-1 (bug #1061046)
- [bookworm] - gnutls28 <no-dsa> (Minor issue)
+ [bookworm] - gnutls28 3.7.9-2+deb12u2
[bullseye] - gnutls28 <not-affected> (Incomplete fix for CVE-2023-5981 not published officially in any Debian bullseye release)
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1522
NOTE: https://gnutls.org/security-new.html#GNUTLS-SA-2024-01-14
@@ -5010,6 +5017,7 @@ CVE-2023-6941 (The Keap Official Opt-in Forms WordPress plugin through 1.0.11 do
NOT-FOR-US: WordPress plugin
CVE-2023-6915 (A Null pointer dereference problem was found in ida_free in lib/idr.c ...)
- linux 6.6.13-1
+ [bookworm] - linux 6.1.76-1
NOTE: https://git.kernel.org/linus/af73483f4e8b6f5c68c9aa63257bdd929a9c194a (6.7-rc7)
CVE-2023-6843 (The easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, ...)
NOT-FOR-US: WordPress plugin
@@ -5241,7 +5249,7 @@ CVE-2023-51804 (An issue in rymcu forest v.0.02 allows a remote attacker to obta
NOT-FOR-US: rymcu forest
CVE-2023-51698 (Atril is a simple multi-page document viewer. Atril is vulnerable to a ...)
- atril 1.26.1-4 (bug #1060751)
- [bookworm] - atril <no-dsa> (Minor issue)
+ [bookworm] - atril 1.26.0-2+deb12u2
[bullseye] - atril <no-dsa> (Minor issue)
- evince 3.25.92-1
NOTE: https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2
@@ -5333,7 +5341,7 @@ CVE-2024-0459 (A vulnerability has been found in Blood Bank & Donor Management 5
NOT-FOR-US: Blood Bank & Donor Management
CVE-2023-6683 (A flaw was found in the QEMU built-in VNC server while processing Clie ...)
- qemu 1:8.2.0+ds-5 (bug #1060749)
- [bookworm] - qemu <no-dsa> (Minor issue)
+ [bookworm] - qemu 1:7.2+dfsg-7+deb12u4
[bullseye] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2254825
NOTE: Proposed patch: https://lists.nongnu.org/archive/html/qemu-devel/2024-01/msg02382.html
@@ -5383,7 +5391,7 @@ CVE-2010-10011 (A vulnerability, which was classified as problematic, was found
NOT-FOR-US: Acritum Femitter Server
CVE-2024-23659 (SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of a ...)
- spip 4.1.15+dfsg-1
- [bookworm] - spip <no-dsa> (Minor issue)
+ [bookworm] - spip 4.1.9+dfsg-1+deb12u4
[bullseye] - spip <not-affected> (Vulnerable code not present)
[buster] - spip <not-affected> (Vulnerable code not present)
NOTE: https://git.spip.net/spip/bigup/commit/ada821c076d67d1147a195178223d0b4a6d8cecc
@@ -6243,7 +6251,7 @@ CVE-2024-22370 (In JetBrains YouTrack before 2023.3.22666 stored XSS via markdow
CVE-2024-22368 (The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter ...)
{DLA-3723-1}
- libspreadsheet-parsexlsx-perl 0.29-1
- [bookworm] - libspreadsheet-parsexlsx-perl <no-dsa> (Minor issue; DoS, can be fixed in point release)
+ [bookworm] - libspreadsheet-parsexlsx-perl 0.27-3+deb12u1
[bullseye] - libspreadsheet-parsexlsx-perl <no-dsa> (Minor issue; DoS, can be fixed in point release)
NOTE: https://github.com/haile01/perl_spreadsheet_excel_rce_poc/blob/main/parse_xlsx_bomb.md
NOTE: Fixed by: https://github.com/MichaelDaum/spreadsheet-parsexlsx/commit/39b25b91fcb939a9c8ea807fdc80386c1ae5be0c (0.28)
@@ -7312,7 +7320,7 @@ CVE-2024-21907 (Newtonsoft.Json before version 13.0.1 is affected by a mishandli
NOT-FOR-US: Newtonsoft.Json
CVE-2024-21633 (Apktool is a tool for reverse engineering Android APK files. In versio ...)
- apktool 2.7.0+dfsg-7 (bug #1060013)
- [bookworm] - apktool <no-dsa> (Minor issue)
+ [bookworm] - apktool 2.7.0+dfsg-6+deb12u1
[bullseye] - apktool <no-dsa> (Minor issue)
[buster] - apktool <no-dsa> (Minor issue)
NOTE: https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w
@@ -7617,7 +7625,7 @@ CVE-2015-10128 (A vulnerability was found in rt-prettyphoto Plugin up to 1.2 on
NOT-FOR-US: WordPress plugin
CVE-2023-6693 (A stack based buffer overflow was found in the virtio-net device of QE ...)
- qemu 1:8.2.0+ds-3
- [bookworm] - qemu <no-dsa> (Minor issue)
+ [bookworm] - qemu 1:7.2+dfsg-7+deb12u4
[bullseye] - qemu <no-dsa> (Minor issue)
[buster] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2254580
@@ -8711,7 +8719,7 @@ CVE-2023-51765 (sendmail through 8.17.2 allows SMTP smuggling in certain configu
CVE-2023-51764 (Postfix through 3.8.5 allows SMTP smuggling unless configured with smt ...)
{DLA-3725-1}
- postfix 3.8.4-1 (bug #1059230)
- [bookworm] - postfix <no-dsa> (Minor issue; mitigations exist)
+ [bookworm] - postfix 3.7.9-0+deb12u1
[bullseye] - postfix <no-dsa> (Minor issue; mitigations exist)
NOTE: https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
NOTE: https://www.openwall.com/lists/oss-security/2023/12/21/6
@@ -8932,7 +8940,7 @@ CVE-2023-39251 (Dell BIOS contains an Improper Input Validation vulnerability. A
NOT-FOR-US: Dell
CVE-2023-52322 (ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2 ...)
- spip 4.1.13+dfsg-1 (bug #1059331)
- [bookworm] - spip <no-dsa> (Minor issue)
+ [bookworm] - spip 4.1.9+dfsg-1+deb12u4
[bullseye] - spip <no-dsa> (Minor issue)
[buster] - spip <no-dsa> (Minor issue)
NOTE: https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-7-SPIP-4-1-13.html?lang=fr
@@ -8971,7 +8979,7 @@ CVE-2023-6690 (A race condition in GitHub Enterprise Server allowed an existing
NOT-FOR-US: GitHub Enterprise Server
CVE-2023-51713 (make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of- ...)
- proftpd-dfsg 1.3.8.a+dfsg-1
- [bookworm] - proftpd-dfsg <no-dsa> (Minor issue)
+ [bookworm] - proftpd-dfsg 1.3.8+dfsg-4+deb12u3
[bullseye] - proftpd-dfsg <no-dsa> (Minor issue)
[buster] - proftpd-dfsg <no-dsa> (Minor issue)
NOTE: https://github.com/proftpd/proftpd/issues/1683
@@ -9342,7 +9350,7 @@ CVE-2023-7018 (Deserialization of Untrusted Data in GitHub repository huggingfac
NOT-FOR-US: Transformers
CVE-2023-7008 (A vulnerability was found in systemd-resolved. This issue may allow sy ...)
- systemd 255.1-3 (bug #1059278)
- [bookworm] - systemd <no-dsa> (Minor issue)
+ [bookworm] - systemd 252.21-1~deb12u1
[bullseye] - systemd <no-dsa> (Minor issue)
[buster] - systemd <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2222672
@@ -10020,7 +10028,7 @@ CVE-2023-32230 (An improper handling of a malformed API request to an API server
CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, found in O ...)
{DSA-5601-1 DSA-5600-1 DSA-5599-1 DSA-5591-1 DSA-5588-1 DSA-5586-1 DLA-3730-1 DLA-3719-1 DLA-3718-1 DLA-3694-1}
- dropbear 2022.83-4 (bug #1059001)
- [bookworm] - dropbear <no-dsa> (Minor issue)
+ [bookworm] - dropbear 2022.83-1+deb12u1
[bullseye] - dropbear <no-dsa> (Minor issue)
[buster] - dropbear <not-affected> (ChaCha20-Poly1305 support introduced in 2020.79; *-EtM not supported as of 2022.83)
- erlang 1:25.3.2.8+dfsg-1 (bug #1059002)
@@ -10028,7 +10036,7 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun
[bullseye] - erlang <no-dsa> (Minor issue)
[buster] - erlang <no-dsa> (Minor issue)
- filezilla 3.66.4-1
- [bookworm] - filezilla <no-dsa> (Minor issue)
+ [bookworm] - filezilla 3.63.0-1+deb12u3
[bullseye] - filezilla <no-dsa> (Minor issue)
[buster] - filezilla <no-dsa> (Minor issue)
- golang-go.crypto 1:0.17.0-1 (bug #1059003)
@@ -10049,11 +10057,11 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun
- php-phpseclib 2.0.46-1
- php-phpseclib3 3.0.35-1
- proftpd-dfsg 1.3.8.b+dfsg-1 (bug #1059144)
- [bookworm] - proftpd-dfsg <no-dsa> (Minor issue)
+ [bookworm] - proftpd-dfsg 1.3.8+dfsg-4+deb12u3
[bullseye] - proftpd-dfsg <no-dsa> (Minor issue)
[buster] - proftpd-dfsg <no-dsa> (Minor issue)
- proftpd-mod-proxy 0.9.3-1 (bug #1059290)
- [bookworm] - proftpd-mod-proxy <no-dsa> (Minor issue)
+ [bookworm] - proftpd-mod-proxy 0.9.2-1+deb12u1
[bullseye] - proftpd-mod-proxy <no-dsa> (Minor issue)
- putty 0.80-1
- python-asyncssh <unfixed> (bug #1059007)
@@ -11431,7 +11439,7 @@ CVE-2023-42495 (Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neu
CVE-2023-34194 (StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML ...)
{DLA-3701-1}
- tinyxml 2.6.2-6.1 (bug #1059315)
- [bookworm] - tinyxml <no-dsa> (Minor issue)
+ [bookworm] - tinyxml 2.6.2-6+deb12u1
[bullseye] - tinyxml <no-dsa> (Minor issue)
NOTE: https://www.forescout.com/resources/sierra21-vulnerabilities
NOTE: Debian (non upstream) patch: https://salsa.debian.org/debian/tinyxml/-/raw/2366e1f23d059d4c20c43c54176b6bd78d6a83fc/debian/patches/CVE-2023-34194.patch
@@ -11650,35 +11658,35 @@ CVE-2023-4932 (SAS application is vulnerable to Reflected Cross-Site Scripting (
NOT-FOR-US: SAS
CVE-2023-49994 (Espeak-ng 1.52-dev was discovered to contain a Floating Point Exceptio ...)
- espeak-ng 1.51+dfsg-12 (bug #1059060)
- [bookworm] - espeak-ng <no-dsa> (Minor issue)
+ [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
[bullseye] - espeak-ng <no-dsa> (Minor issue)
[buster] - espeak-ng <no-dsa> (Minor issue)
NOTE: https://github.com/espeak-ng/espeak-ng/issues/1823
NOTE: https://github.com/espeak-ng/espeak-ng/commit/58f1e0b6a4e6aa55621c6f01118994d01fd6f68c
CVE-2023-49993 (Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via the ...)
- espeak-ng 1.51+dfsg-12 (bug #1059060)
- [bookworm] - espeak-ng <no-dsa> (Minor issue)
+ [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
[bullseye] - espeak-ng <no-dsa> (Minor issue)
[buster] - espeak-ng <no-dsa> (Minor issue)
NOTE: https://github.com/espeak-ng/espeak-ng/issues/1826
NOTE: https://github.com/espeak-ng/espeak-ng/commit/58f1e0b6a4e6aa55621c6f01118994d01fd6f68c
CVE-2023-49992 (Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow v ...)
- espeak-ng 1.51+dfsg-12 (bug #1059060)
- [bookworm] - espeak-ng <no-dsa> (Minor issue)
+ [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
[bullseye] - espeak-ng <no-dsa> (Minor issue)
[buster] - espeak-ng <no-dsa> (Minor issue)
NOTE: https://github.com/espeak-ng/espeak-ng/issues/1827
NOTE: https://github.com/espeak-ng/espeak-ng/commit/58f1e0b6a4e6aa55621c6f01118994d01fd6f68c
CVE-2023-49991 (Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow ...)
- espeak-ng 1.51+dfsg-12 (bug #1059060)
- [bookworm] - espeak-ng <no-dsa> (Minor issue)
+ [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
[bullseye] - espeak-ng <no-dsa> (Minor issue)
[buster] - espeak-ng <no-dsa> (Minor issue)
NOTE: https://github.com/espeak-ng/espeak-ng/issues/1825
NOTE: https://github.com/espeak-ng/espeak-ng/commit/58f1e0b6a4e6aa55621c6f01118994d01fd6f68c
CVE-2023-49990 (Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the ...)
- espeak-ng 1.51+dfsg-12 (bug #1059060)
- [bookworm] - espeak-ng <no-dsa> (Minor issue)
+ [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
[bullseye] - espeak-ng <no-dsa> (Minor issue)
[buster] - espeak-ng <no-dsa> (Minor issue)
NOTE: https://github.com/espeak-ng/espeak-ng/issues/1824
@@ -11938,7 +11946,7 @@ CVE-2023-6356 (A flaw was found in the Linux kernel's NVMe driver. This issue ma
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2254054
CVE-2023-39804 [Incorrectly handled extension attributes in PAX archives can lead to a crash]
- tar 1.34+dfsg-1.3 (bug #1058079)
- [bookworm] - tar <no-dsa> (Minor issue)
+ [bookworm] - tar 1.34+dfsg-1.2+deb12u1
[bullseye] - tar <no-dsa> (Minor issue)
[buster] - tar <no-dsa> (Minor issue)
NOTE: Fixed by: https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4 (v1.35)
@@ -12050,6 +12058,7 @@ CVE-2023-6646 (A vulnerability classified as problematic has been found in linkd
NOT-FOR-US: linkding
CVE-2023-50431 (sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c ...)
- linux 6.6.15-1
+ [bookworm] - linux 6.1.76-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://lists.freedesktop.org/archives/dri-devel/2023-November/431772.html
@@ -12120,6 +12129,7 @@ CVE-2023-6611 (A vulnerability was found in Tongda OA 2017 up to 11.9. It has be
NOT-FOR-US: Tongda OA
CVE-2023-6610 (An out-of-bounds read vulnerability was found in smb2_dump_detail in f ...)
- linux 6.6.13-1 (unimportant)
+ [bookworm] - linux 6.1.76-1
NOTE: CONFIG_CIFS_DEBUG2 not enabled in Debian
NOTE: https://git.kernel.org/linus/567320c46a60a3c39b69aa1df802d753817a3f86
CVE-2023-6609 (A vulnerability was found in osCommerce 4. It has been classified as p ...)
@@ -12131,6 +12141,7 @@ CVE-2023-6607 (A vulnerability has been found in Tongda OA 2017 up to 11.10 and
CVE-2023-6606 (An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb ...)
{DLA-3710-1}
- linux 6.6.9-1
+ [bookworm] - linux 6.1.76-1
NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=218218
NOTE: https://git.kernel.org/linus/b35858b3786ddbb56e1c35138ba25d6adf8d0bef
CVE-2023-6507 (An issue was found in CPython 3.12.0 `subprocess` module on POSIX plat ...)
@@ -12329,21 +12340,21 @@ CVE-2023-49492 (DedeCMS v5.7.111 was discovered to contain a reflective cross-si
CVE-2023-49468 (Libde265 v1.0.14 was discovered to contain a global buffer overflow vu ...)
{DLA-3699-1}
- libde265 1.0.15-1 (bug #1059275)
- [bookworm] - libde265 <no-dsa> (Minor issue)
+ [bookworm] - libde265 1.0.11-1+deb12u2
[bullseye] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/432
NOTE: Fixed by: https://github.com/strukturag/libde265/commit/3e822a3ccf88df1380b165d6ce5a00494a27ceeb (v1.0.15)
CVE-2023-49467 (Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ...)
{DLA-3699-1}
- libde265 1.0.15-1 (bug #1059275)
- [bookworm] - libde265 <no-dsa> (Minor issue)
+ [bookworm] - libde265 1.0.11-1+deb12u2
[bullseye] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/434
NOTE: Fixed by: https://github.com/strukturag/libde265/commit/7e4faf254bbd2e52b0f216cb987573a2cce97b54 (v1.0.15)
CVE-2023-49465 (Libde265 v1.0.14 was discovered to contain a heap-buffer-overflow vuln ...)
{DLA-3699-1}
- libde265 1.0.15-1 (bug #1059275)
- [bookworm] - libde265 <no-dsa> (Minor issue)
+ [bookworm] - libde265 1.0.11-1+deb12u2
[bullseye] - libde265 <no-dsa> (Minor issue)
NOTE: https://github.com/strukturag/libde265/issues/435
NOTE: Fixed by: https://github.com/strukturag/libde265/commit/1475c7d2f0a6dc35c27e18abc4db9679bfd32568 (v1.0.15)
@@ -12896,7 +12907,7 @@ CVE-2023-49289 (Ajax.NET Professional (AjaxPro) is an AJAX framework for Microso
NOT-FOR-US: Ajax.NET Professional
CVE-2023-49284 (fish is a smart and user-friendly command line shell for macOS, Linux, ...)
- fish 3.6.4-1 (bug #1057455)
- [bookworm] - fish <no-dsa> (Minor issue)
+ [bookworm] - fish 3.6.0-3.1+deb12u1
[bullseye] - fish <no-dsa> (Minor issue)
[buster] - fish <no-dsa> (Minor issue)
NOTE: https://github.com/fish-shell/fish-shell/security/advisories/GHSA-2j9r-pm96-wp4f
@@ -19970,6 +19981,7 @@ CVE-2023-33517 (carRental 1.0 is vulnerable to Incorrect Access Control (Arbitra
NOT-FOR-US: carRental
CVE-2023-5633 (The reference count changes made as part of the CVE-2023-33951 and CVE ...)
- linux 6.5.8-1
+ [bookworm] - linux 6.1.76-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/91398b413d03660fd5828f7b4abc64e884b98069 (6.6-rc6)
@@ -20087,7 +20099,7 @@ CVE-2023-46306 (The web administration interface in NetModule Router Software (N
NOT-FOR-US: NetModule Router Software
CVE-2023-46303 (link_to_local_path in ebooks/conversion/plugins/html_input.py in calib ...)
- calibre 6.19.1-1
- [bookworm] - calibre <no-dsa> (Minor issue)
+ [bookworm] - calibre 6.13.0+repack-2+deb12u3
[bullseye] - calibre <no-dsa> (Minor issue)
[buster] - calibre <no-dsa> (Minor issue)
NOTE: https://github.com/0x1717/ssrf-via-img
@@ -22665,7 +22677,7 @@ CVE-2023-34324 (Closing of an event channel in the Linux kernel can result in a
NOTE: https://git.kernel.org/linus/87797fad6cce28ec9be3c13f031776ff4f104cfc (6.6-rc6)
CVE-2023-46837 (Arm provides multiple helpers to clean & invalidate the cache for a gi ...)
- xen 4.17.3+10-g091466ba55-1
- [bookworm] - xen <postponed> (Minor issue, fix along in next DSA)
+ [bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
[bullseye] - xen <end-of-life> (EOLed in Bullseye)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-447.html
@@ -34405,7 +34417,7 @@ CVE-2018-25088 (A vulnerability, which was classified as critical, was found in
NOT-FOR-US: Blue Yonder postgraas_server
CVE-2023-3724 (If a TLS 1.3 client gets neither a PSK (pre shared key) extension nor ...)
- wolfssl 5.5.4-2.1 (bug #1041699)
- [bookworm] - wolfssl <no-dsa> (Minor issue)
+ [bookworm] - wolfssl 5.5.4-2+deb12u1
[bullseye] - wolfssl <no-dsa> (Minor issue)
NOTE: https://github.com/wolfSSL/wolfssl/pull/6412
NOTE: https://github.com/wolfSSL/wolfssl/commit/00f1eddee429ff51390b20caadd2eb6afe51e1aa (v5.6.2-stable)
@@ -37264,9 +37276,9 @@ CVE-2023-3327
REJECTED
CVE-2023-36464 (pypdf is an open source, pure-python PDF library. In affected versions ...)
- pypdf 3.17.4-1 (bug #1040338)
- [bookworm] - pypdf <no-dsa> (Minor issue)
+ [bookworm] - pypdf 3.4.1-1+deb12u1
- pypdf2 2.12.1-4 (bug #1040339)
- [bookworm] - pypdf2 <no-dsa> (Minor issue)
+ [bookworm] - pypdf2 2.12.1-3+deb12u1
[bullseye] - pypdf2 <not-affected> (Vulnerable code not present)
[buster] - pypdf2 <not-affected> (Vulnerable code not present)
NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-4vvm-4w3v-6mr8
@@ -54094,6 +54106,7 @@ CVE-2023-1194 (An out-of-bounds (OOB) memory read flaw was found in parse_lease_
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2154176
CVE-2023-1193 (A use-after-free flaw was found in setup_async_work in the KSMBD imple ...)
- linux 6.3.7-1
+ [bookworm] - linux 6.1.76-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2154177
@@ -63375,6 +63388,7 @@ CVE-2022-48304
RESERVED
CVE-2022-48303 (GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ...)
- tar 1.34+dfsg-1.4 (unimportant)
+ [bookworm] - tar 1.34+dfsg-1.2+deb12u1
NOTE: Crash in CLI tool, no security impact
NOTE: https://savannah.gnu.org/bugs/?62387
NOTE: https://savannah.gnu.org/patch/?10307
@@ -73526,7 +73540,7 @@ CVE-2023-22085 (Vulnerability in the Hospitality OPERA 5 Property Services produ
CVE-2023-22084 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
{DLA-3722-1}
- mariadb 1:10.11.6-1
- [bookworm] - mariadb <no-dsa> (Minor issue, will be fixed via point update)
+ [bookworm] - mariadb 1:10.11.6-0+deb12u1
- mariadb-10.5 <removed>
[bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed via point update)
- mariadb-10.3 <removed>
=====================================
data/next-point-update.txt
=====================================
@@ -1,103 +1,3 @@
-CVE-2023-3724
- [bookworm] - wolfssl 5.5.4-2+deb12u1
-CVE-2023-22084
- [bookworm] - mariadb 1:10.11.6-0+deb12u1
-CVE-2023-49284
- [bookworm] - fish 3.6.0-3.1+deb12u1
-CVE-2023-52322
- [bookworm] - spip 4.1.9+dfsg-1+deb12u4
-CVE-2024-23659
- [bookworm] - spip 4.1.9+dfsg-1+deb12u4
-CVE-2023-51764
- [bookworm] - postfix 3.7.9-0+deb12u1
-CVE-2023-7008
- [bookworm] - systemd 252.21-1~deb12u1
-CVE-2023-49994
- [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
-CVE-2023-49993
- [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
-CVE-2023-49992
- [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
-CVE-2023-49991
- [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
-CVE-2023-49990
- [bookworm] - espeak-ng 1.51+dfsg-10+deb12u1
-CVE-2023-48795
- [bookworm] - filezilla 3.63.0-1+deb12u3
-CVE-2023-48795
- [bookworm] - dropbear 2022.83-1+deb12u1
-CVE-2023-49465
- [bookworm] - libde265 1.0.11-1+deb12u2
-CVE-2023-49467
- [bookworm] - libde265 1.0.11-1+deb12u2
-CVE-2023-49468
- [bookworm] - libde265 1.0.11-1+deb12u2
-CVE-2023-48795
- [bookworm] - proftpd-dfsg 1.3.8+dfsg-4+deb12u3
-CVE-2023-51713
- [bookworm] - proftpd-dfsg 1.3.8+dfsg-4+deb12u3
-CVE-2024-21633
- [bookworm] - apktool 2.7.0+dfsg-6+deb12u1
-CVE-2023-46303
- [bookworm] - calibre 6.13.0+repack-2+deb12u3
-CVE-2024-22368
- [bookworm] - libspreadsheet-parsexlsx-perl 0.27-3+deb12u1
-CVE-2024-23525
- [bookworm] - libspreadsheet-parsexlsx-perl 0.27-3+deb12u2
-CVE-2023-48795
- [bookworm] - proftpd-mod-proxy 0.9.2-1+deb12u1
-CVE-2023-36464
- [bookworm] - pypdf 3.4.1-1+deb12u1
-CVE-2023-36464
- [bookworm] - pypdf2 2.12.1-3+deb12u1
-CVE-2022-48303
- [bookworm] - tar 1.34+dfsg-1.2+deb12u1
-CVE-2023-39804
- [bookworm] - tar 1.34+dfsg-1.2+deb12u1
-CVE-2024-0567
- [bookworm] - gnutls28 3.7.9-2+deb12u2
-CVE-2024-0553
- [bookworm] - gnutls28 3.7.9-2+deb12u2
-CVE-2023-34194
- [bookworm] - tinyxml 2.6.2-6+deb12u1
-CVE-2023-51698
- [bookworm] - atril 1.26.0-2+deb12u2
-CVE-2023-6693
- [bookworm] - qemu 1:7.2+dfsg-7+deb12u4
-CVE-2023-6683
- [bookworm] - qemu 1:7.2+dfsg-7+deb12u4
-CVE-2024-0911
- [bookworm] - indent 2.2.12-4+deb12u3
-CVE-2023-1193
- [bookworm] - linux 6.1.76-1
-CVE-2023-46838
- [bookworm] - linux 6.1.76-1
-CVE-2023-50431
- [bookworm] - linux 6.1.76-1
-CVE-2023-52340
- [bookworm] - linux 6.1.76-1
-CVE-2023-5633
- [bookworm] - linux 6.1.76-1
-CVE-2023-6606
- [bookworm] - linux 6.1.76-1
-CVE-2023-6610
- [bookworm] - linux 6.1.76-1
-CVE-2023-6915
- [bookworm] - linux 6.1.76-1
-CVE-2024-1085
- [bookworm] - linux 6.1.76-1
-CVE-2024-1086
- [bookworm] - linux 6.1.76-1
-CVE-2024-22705
- [bookworm] - linux 6.1.76-1
-CVE-2024-23849
- [bookworm] - linux 6.1.76-1
-CVE-2023-46837
- [bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
-CVE-2023-46840
- [bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
-CVE-2023-46839
- [bookworm] - xen 4.17.3+10-g091466ba55-1~deb12u1
CVE-2023-37378
[bookworm] - nsis 3.08-3+deb12u1
CVE-2023-3153
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ec0e55f6825bf0122baa257f36d26bfc7529fea5...2415d8287e26a297b81274cb5b9abb842a55e880
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ec0e55f6825bf0122baa257f36d26bfc7529fea5...2415d8287e26a297b81274cb5b9abb842a55e880
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240210/3e1513c7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list