[Git][security-tracker-team/security-tracker][master] CVE-2023-51764: Add note about fixes for older releases
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 24 20:00:04 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a84b3b03 by Salvatore Bonaccorso at 2024-01-24T20:59:23+01:00
CVE-2023-51764: Add note about fixes for older releases
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5458,6 +5458,7 @@ CVE-2023-51764 (Postfix through 3.8.5 allows SMTP smuggling unless configured wi
NOTE: Long-term fix with new (optional) feature that is disabled by default:
NOTE: New setting: smtpd_forbid_bare_newline = yes
NOTE: https://www.openwall.com/lists/oss-security/2023/12/22/3
+ NOTE: Fixes for older releases: https://www.postfix.org/smtp-smuggling.html#back-ports
CVE-2023-51763 (csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows C ...)
NOT-FOR-US: ActiveAdmin (aka Active Admin)
CVE-2023-7090 (A flaw was found in sudo in the handling of ipa_hostname, where ipa_ho ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a84b3b037d2a137b2a2982a6b7e48baaa6fa9304
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a84b3b037d2a137b2a2982a6b7e48baaa6fa9304
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240124/881b4ba4/attachment.htm>
More information about the debian-security-tracker-commits
mailing list