[Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-51698
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 13 16:39:15 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
19fa214b by Salvatore Bonaccorso at 2024-01-13T17:37:26+01:00
Update information on CVE-2023-51698
For reviewers, need to check that the assessment for evince is complete.
The commit referenced is the one porting to use libarchive for
unarchiving. Atril apparently did not move to that until the recent
upstream commit.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,9 +59,10 @@ CVE-2023-51804 (An issue in rymcu forest v.0.02 allows a remote attacker to obta
NOT-FOR-US: rymcu forest
CVE-2023-51698 (Atril is a simple multi-page document viewer. Atril is vulnerable to a ...)
- atril <unfixed>
- - evince <undetermined>
+ - evince 3.25.92-1
NOTE: https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2
- NOTE: https://github.com/mate-desktop/atril/commit/ce41df6467521ff9fd4f16514ae7d6ebb62eb1ed
+ NOTE: Fixed by: https://github.com/mate-desktop/atril/commit/ce41df6467521ff9fd4f16514ae7d6ebb62eb1ed
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/evince/commit/7b5ad18399b04cbfce02730d28baf30e9fc35b58 (3.25.4)
CVE-2023-51071 (An access control issue in QStar Archive Solutions Release RELEASE_3-0 ...)
NOT-FOR-US: QStar Archive Solutions Release
CVE-2023-51070 (An access control issue in QStar Archive Solutions Release RELEASE_3-0 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19fa214b122a6a43ad6d6b67cc92af6180f2a58b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19fa214b122a6a43ad6d6b67cc92af6180f2a58b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240113/51ed4e2c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list