[Git][security-tracker-team/security-tracker][master] CVE-2023-44428,CVE-2024-48013/musescore*: precise bullseye triage
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Wed Apr 2 20:09:37 BST 2025
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ea610fde by Sylvain Beucler at 2025-04-02T21:09:15+02:00
CVE-2023-44428,CVE-2024-48013/musescore*: precise bullseye triage
following IRC discussion with jmm
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6248,10 +6248,10 @@ CVE-2024-48013 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 1
CVE-2024-44866 (A buffer overflow in the GuitarPro1::read function of MuseScore Studio ...)
- musescore3 <unfixed>
[bookworm] - musescore3 <ignored> (Minor issue)
- [bullseye] - musescore3 <ignored> (Minor issue, limited support, see musescore.README.Debian)
+ [bullseye] - musescore3 <ignored> (Minor issue, limited support, see #1070860 and pending musescore.README.Debian)
- musescore2 <unfixed>
[bookworm] - musescore2 <ignored> (Minor issue)
- [bullseye] - musescore2 <ignored> (Minor issue, limited support, see musescore.README.Debian)
+ [bullseye] - musescore2 <ignored> (Minor issue, limited support, see #1070860 and pending musescore.README.Debian)
- musescore <removed>
NOTE: https://github.com/moonadon9/CVE_2024
NOTE: Fixed by: https://github.com/musescore/MuseScore/commit/0630461b734201db24139b0dc1657371fce41fb9 (v4.4.0)
@@ -98426,10 +98426,10 @@ CVE-2023-44430 (Bentley View SKP File Parsing Use-After-Free Remote Code Executi
CVE-2023-44428 (MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ...)
- musescore2 <unfixed> (bug #1070860)
[bookworm] - musescore2 <ignored> (Minor issue)
- [bullseye] - musescore2 <ignored> (Minor issue, limited support, see musescore.README.Debian)
+ [bullseye] - musescore2 <ignored> (Minor issue, limited support, see #1070860 and pending musescore.README.Debian)
- musescore3 <unfixed> (bug #1070860)
[bookworm] - musescore3 <ignored> (Minor issue)
- [bullseye] - musescore3 <ignored> (Minor issue, limited support, see musescore.README.Debian)
+ [bullseye] - musescore3 <ignored> (Minor issue, limited support, see #1070860 and pending musescore.README.Debian)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1526/
CVE-2023-44427 (D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injecti ...)
NOT-FOR-US: D-Link
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea610fde7999217bf4cff4fbce7bb85177ceac4b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea610fde7999217bf4cff4fbce7bb85177ceac4b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250402/dac9e431/attachment.htm>
More information about the debian-security-tracker-commits
mailing list