[Git][security-tracker-team/security-tracker][master] mark dmidecode issue as unimportant
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Oct 26 22:40:09 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
55647bc1 by Moritz Muehlenhoff at 2024-10-26T23:39:15+02:00
mark dmidecode issue as unimportant
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -118446,14 +118446,12 @@ CVE-2023-30631 (Improper Input Validation vulnerability in Apache Software Found
NOTE: https://github.com/apache/trafficserver/commit/ee46128fc7099956145be2147e4ddad7fbc7299b (9.2.1-rc0)
NOTE: https://github.com/apache/trafficserver/commit/35dd3efde78a73aefa257e12b8fe78d6cd646ba0 (8.1.7)
CVE-2023-30630 (Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ...)
- - dmidecode 3.5-1 (bug #1034483)
- [bookworm] - dmidecode <no-dsa> (Minor issue)
- [bullseye] - dmidecode <no-dsa> (Minor issue)
- [buster] - dmidecode <no-dsa> (Minor issue)
+ - dmidecode 3.5-1 (bug #1034483; unimportant)
NOTE: https://github.com/adamreiser/dmiwrite
NOTE: https://lists.nongnu.org/archive/html/dmidecode-devel/2023-03/msg00003.html
NOTE: https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=d8cfbc808f387e87091c25e7d5b8c2bb348bb206
NOTE: https://git.savannah.nongnu.org/cgit/dmidecode.git/commit/?id=6ca381c1247c81f74e1ca4e7706f70bdda72e6f2
+ NOTE: Negligible security impact, a user-controlled file overwrite should not receive a CVE in general
CVE-2023-30629 (Vyper is a Pythonic Smart Contract Language for the ethereum virtual m ...)
NOT-FOR-US: Vyper
CVE-2023-30628 (Kiwi TCMS is an open source test management system. In kiwitcms/Kiwi v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55647bc1f69a66abe4afd782873e490f0936fefd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55647bc1f69a66abe4afd782873e490f0936fefd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/29d4b7ea/attachment.htm>
More information about the debian-security-tracker-commits
mailing list