[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-25656 and associate with golang-github-notaryproject-notation-go

Mon Jan 27 19:31:38 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9398793 by Salvatore Bonaccorso at 2025-01-27T20:30:04+01:00
Update status for CVE-2023-25656 and associate with golang-github-notaryproject-notation-go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -161868,7 +161868,8 @@ CVE-2023-25658 (TensorFlow is an open source platform for machine learning. Prio
 CVE-2023-25657 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
 	NOT-FOR-US: Nautobot
 CVE-2023-25656 (notation-go is a collection of libraries for supporting Notation sign, ...)
-	NOT-FOR-US: notation-go
+	- golang-github-notaryproject-notation-go <not-affected> (Fixed before initial upload to Debian)
+	NOTE: https://github.com/notaryproject/notation-go/security/advisories/GHSA-87x9-7grx-m28v
 CVE-2023-25655 (baserCMS is a Content Management system. Prior to version 4.7.5, any f ...)
 	NOT-FOR-US: baserCMS
 CVE-2023-25654 (baserCMS is a Content Management system. Prior to version 4.7.5, there ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9398793a77e809f22060c14b9440fcef65eaf51

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9398793a77e809f22060c14b9440fcef65eaf51
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250127/47f3cc1a/attachment.htm>
