[Git][security-tracker-team/security-tracker][master] CVE-2023-29383/shadow: Add note for regression fix
Adrian Bunk (@bunk)
bunk at debian.org
Sat Oct 26 23:35:48 BST 2024
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab5c484a by Adrian Bunk at 2024-10-27T01:21:57+03:00
CVE-2023-29383/shadow: Add note for regression fix
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -122136,6 +122136,7 @@ CVE-2023-29383 (In Shadow 4.13, it is possible to inject control characters into
[buster] - shadow <no-dsa> (Minor issue)
NOTE: https://github.com/shadow-maint/shadow/pull/687
NOTE: Fixed by: https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d (4.14.0-rc1)
+ NOTE: Regression fix: https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4 (4.14.0-rc1)
NOTE: https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=31797
NOTE: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/
CVE-2023-29382 (An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an atta ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab5c484a4f3dc3a704a11196d460e3a086951824
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab5c484a4f3dc3a704a11196d460e3a086951824
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241026/17f4998a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list