[Git][security-tracker-team/security-tracker][master] "new" phpseclib issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jun 28 12:41:32 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1588116e by Moritz Muehlenhoff at 2024-06-28T13:40:55+02:00
"new" phpseclib issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,7 +101,16 @@ CVE-2024-22272 (VMware Cloud Director contains an Improper Privilege Management
CVE-2024-22260 (VMware Workspace One UEM update addresses an information exposure vuln ...)
NOT-FOR-US: VMware
CVE-2023-52892 (In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, ...)
- TODO: check
+ - phpseclib 1.0.22-1
+ [bookworm] - phpseclib <no-dsa> (Minor issue; can be fixed via pu)
+ [bullseye] - phpseclib <no-dsa> (Minor issue; can be fixed via pu)
+ - php-phpseclib 2.0.46-1
+ [bookworm] - php-phpseclib <no-dsa> (Minor issue; can be fixed via pu)
+ [bullseye] - php-phpseclib <no-dsa> (Minor issue; can be fixed via pu)
+ - php-phpseclib3 3.0.33-1
+ [bookworm] - php-phpseclib3 <no-dsa> (Minor issue; can be fixed via pu)
+ NOTE: https://github.com/phpseclib/phpseclib/commit/6cd6e8ceab9f2b55c8cd81d2192bf98cbeaf4627
+ NOTE: https://github.com/phpseclib/phpseclib/issues/1943
CVE-2023-47803 (A vulnerability regarding improper limitation of a pathname to a restr ...)
NOT-FOR-US: Synology
CVE-2023-47802 (A vulnerability regarding improper neutralization of special elements ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1588116e0759091023a2b28063d2230db4838b8e
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1588116e0759091023a2b28063d2230db4838b8e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240628/79cb7c92/attachment.htm>
More information about the debian-security-tracker-commits
mailing list