[Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-6246, CVE-2023-6779 and CVE-2023-6780
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jan 31 13:51:11 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
669b5f32 by Salvatore Bonaccorso at 2024-01-31T14:48:34+01:00
Add references for CVE-2023-6246, CVE-2023-6779 and CVE-2023-6780
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -162,18 +162,24 @@ CVE-2023-6246 [syslog: Fix heap buffer overflow in __vsyslog_internal]
NOTE: https://www.qualys.com/2024/01/30/syslog
NOTE: Introducecd by: https://sourceware.org/git?p=glibc.git;a=commit;h=52a5be0df411ef3ff45c10c7c308cb92993d15b1
NOTE: Fixed by: https://sourceware.org/git?p=glibc.git;a=commit;h=6bd0e4efcc78f3c0115e5ea9739a1642807450da
+ NOTE: https://sourceware.org/pipermail/libc-announce/2024/000037.html
+ NOTE: https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0001;hb=HEAD
CVE-2023-6779 [syslog: Fix heap buffer overflow in __vsyslog_internal]
{DSA-5611-1}
- glibc 2.37-15
[bullseye] - glibc <not-affected> (Vulnerable code not present)
[buster] - glibc <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=7e5a0c286da33159d47d0122007aac016f3e02cd
+ NOTE: https://sourceware.org/pipermail/libc-announce/2024/000037.html
+ NOTE: https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0002;hb=HEAD
CVE-2023-6780 [syslog: Fix integer overflow in __vsyslog_internal]
{DSA-5611-1}
- glibc 2.37-15
[bullseye] - glibc <not-affected> (Vulnerable code not present)
[buster] - glibc <not-affected> (Vulnerable code not present)
NOTE: Fixed by: https://sourceware.org/git/?p=glibc.git;a=commit;h=ddf542da94caf97ff43cc2875c88749880b7259b
+ NOTE: https://sourceware.org/pipermail/libc-announce/2024/000037.html
+ NOTE: https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=advisories/GLIBC-SA-2024-0003;hb=HEAD
CVE-2024-23829 (aiohttp is an asynchronous HTTP client/server framework for asyncio an ...)
- python-aiohttp <unfixed>
NOTE: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-8qpw-xqxj-h4r2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/669b5f32f904c46bc4403bf559f1d2d70a448230
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/669b5f32f904c46bc4403bf559f1d2d70a448230
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240131/9f25693f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list