[Git][security-tracker-team/security-tracker][master] 3 commits: Add upstream tag information for CVE-2023-49295
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 12 20:39:44 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c37e2837 by Salvatore Bonaccorso at 2024-01-12T21:18:14+01:00
Add upstream tag information for CVE-2023-49295
- - - - -
423125a2 by Salvatore Bonaccorso at 2024-01-12T21:18:16+01:00
CVE-2023-49295: Order commits by released version
- - - - -
48195186 by Salvatore Bonaccorso at 2024-01-12T21:18:17+01:00
Track fixed version for CVE-2023-49295/golang-github-lucas-clemente-quic-go via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -477,18 +477,18 @@ CVE-2023-51123 (An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a re
CVE-2023-51073 (An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to exe ...)
NOT-FOR-US: Buffalo
CVE-2023-49295 (quic-go is an implementation of the QUIC protocol (RFC 9000, RFC 9001, ...)
- - golang-github-lucas-clemente-quic-go <unfixed>
+ - golang-github-lucas-clemente-quic-go 0.38.2-1
[bookworm] - golang-github-lucas-clemente-quic-go <no-dsa> (Minor issue)
[bullseye] - golang-github-lucas-clemente-quic-go <no-dsa> (Minor issue)
NOTE: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf
- NOTE: https://github.com/quic-go/quic-go/commit/17fc98c2d81dbe685c19702dc694a9d606ac56dc
- NOTE: https://github.com/quic-go/quic-go/commit/21609ddfeff93668c7625a85eb09f1541fdad965
- NOTE: https://github.com/quic-go/quic-go/commit/3a9c18bcd27a01c551ac9bf8bd2b4bded77c189a
- NOTE: https://github.com/quic-go/quic-go/commit/554d543b50b917369fb1394cc5396d928166cf49
- NOTE: https://github.com/quic-go/quic-go/commit/6cc3d58935426191296171a6c0d1ee965e10534e
- NOTE: https://github.com/quic-go/quic-go/commit/9aaefe19fc3dc8c8917cc87e6128bb56d9e9e6cc
- NOTE: https://github.com/quic-go/quic-go/commit/a0ffa757499913f7be69aa78f573a6aee3430ae4
- NOTE: https://github.com/quic-go/quic-go/commit/d7aa627ebde91cf799ada2a07443faa9b1e5abb8
+ NOTE: https://github.com/quic-go/quic-go/commit/3a9c18bcd27a01c551ac9bf8bd2b4bded77c189a (v0.40.1)
+ NOTE: https://github.com/quic-go/quic-go/commit/554d543b50b917369fb1394cc5396d928166cf49 (v0.40.1)
+ NOTE: https://github.com/quic-go/quic-go/commit/a0ffa757499913f7be69aa78f573a6aee3430ae4 (v0.39.4)
+ NOTE: https://github.com/quic-go/quic-go/commit/6cc3d58935426191296171a6c0d1ee965e10534e (v0.39.4)
+ NOTE: https://github.com/quic-go/quic-go/commit/17fc98c2d81dbe685c19702dc694a9d606ac56dc (v0.38.2)
+ NOTE: https://github.com/quic-go/quic-go/commit/9aaefe19fc3dc8c8917cc87e6128bb56d9e9e6cc (v0.38.2)
+ NOTE: https://github.com/quic-go/quic-go/commit/d7aa627ebde91cf799ada2a07443faa9b1e5abb8 (v0.37.7)
+ NOTE: https://github.com/quic-go/quic-go/commit/21609ddfeff93668c7625a85eb09f1541fdad965 (v0.37.7)
CVE-2023-45175 (IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user ...)
NOT-FOR-US: IBM
CVE-2023-45173 (IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d339433a4e85da24c1cfe6e24769ad2cf80ee41c...48195186a7a59fd3aee11af7570c83a51c134947
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d339433a4e85da24c1cfe6e24769ad2cf80ee41c...48195186a7a59fd3aee11af7570c83a51c134947
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240112/39545e43/attachment.htm>
More information about the debian-security-tracker-commits
mailing list