[Git][security-tracker-team/security-tracker][master] Add references for shim issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 25 22:17:18 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b445f8c9 by Salvatore Bonaccorso at 2024-01-25T21:50:00+01:00
Add references for shim issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -97,21 +97,29 @@ CVE-2023-52355 (An out-of-memory flaw was found in libtiff that could be trigger
 CVE-2023-40551
 	- shim <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2259918
+	NOTE: https://github.com/rhboot/shim/commit/5a5147d1e19cf90ec280990c84061ac3f67ea1ab (15.8)
 CVE-2023-40550
 	- shim <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2259915
+	NOTE: https://github.com/rhboot/shim/commit/93ce2552f3e9f71f888a672913bfc0eef255c56d (15.8)
+	NOTE: Followup: https://github.com/rhboot/shim/commit/e7f5fdf53ee68025f3ef2688e2f27ccb0082db83 (15.8)
 CVE-2023-40549
 	- shim <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2241797
+	NOTE: https://github.com/rhboot/shim/commit/afdc5039de0a4a3a40162a32daa070f94a883f09 (15.8)
 CVE-2023-40548
 	- shim <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2241782
+	NOTE: https://github.com/rhboot/shim/commit/96dccc255b16e9465dbee50b3cef6b3db74d11c8 (15.8)
 CVE-2023-40547 (A remote code execution vulnerability was found in Shim. The Shim boot ...)
 	- shim <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2234589
+	NOTE: https://github.com/rhboot/shim/commit/0226b56513b2b8bd5fd281bce77c40c9bf07c66d (15.8)
 CVE-2023-40546
 	- shim <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2241796
+	NOTE: https://github.com/rhboot/shim/commit/66e6579dbf921152f647a0c16da1d3b2f40861ca (15.8)
+	NOTE: https://github.com/rhboot/shim/commit/dae82f6bd72cf600e5d48046ec674a441d0f49d7 (15.8)
 CVE-2024-23649 (Lemmy is a link aggregator and forum for the fediverse. Starting in ve ...)
 	TODO: check
 CVE-2024-23648 (Pimcore's Admin Classic Bundle provides a backend user interface for P ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b445f8c9687e2dcbaff455263359ded71c9f8dff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b445f8c9687e2dcbaff455263359ded71c9f8dff
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240125/e931e73d/attachment.htm>

More information about the debian-security-tracker-commits mailing list