[Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-42363
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Oct 6 20:27:08 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4a6d10b7 by Salvatore Bonaccorso at 2024-10-06T21:25:15+02:00
Update information for CVE-2023-42363
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -81476,11 +81476,12 @@ CVE-2023-42364 (A use-after-free vulnerability in BusyBox v.1.36.1 allows attack
[buster] - busybox <no-dsa> (Minor issue)
NOTE: https://bugs.busybox.net/show_bug.cgi?id=15868
CVE-2023-42363 (A use-after-free vulnerability was discovered in xasprintf function in ...)
- - busybox <unfixed> (bug #1059050)
+ - busybox 1:1.37.0-1 (bug #1059050)
[bookworm] - busybox <no-dsa> (Minor issue)
[bullseye] - busybox <no-dsa> (Minor issue)
[buster] - busybox <no-dsa> (Minor issue)
NOTE: https://bugs.busybox.net/show_bug.cgi?id=15865
+ NOTE: https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa (1_37_0)
CVE-2023-3545 (Improper sanitisation in `main/inc/lib/fileUpload.lib.php` in Chamilo ...)
NOT-FOR-US: Chamilo LMS
CVE-2023-3533 (Path traversal in file upload functionality in `/main/webservices/addi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a6d10b7ae2fe86f9fff01c7244411ab951195a3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a6d10b7ae2fe86f9fff01c7244411ab951195a3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241006/e11a727d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list