[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 25 Jun 2023 13:12:55 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ada8bca8 by security tracker role at 2023-06-25T20:12:37+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2023-3396 (A vulnerability was found in Campcodes Retro Cellphone Online 
Store 1. ...)
+       TODO: check
+CVE-2023-36632 (The legacy email.utils.parseaddr function in Python through 
3.11.4 all ...)
+       TODO: check
+CVE-2023-36630 (In CloudPanel before 2.3.1, insecure file upload leads to 
privilege es ...)
+       TODO: check
+CVE-2015-20109 (end_pattern (called from internal_fnmatch) in the GNU C 
Library (aka g ...)
+       TODO: check
 CVE-2023-36612 (Directory traversal can occur in the Basecamp com.basecamp.bc3 
applica ...)
        NOT-FOR-US: Basecamp
 CVE-2023-3388 (The Beautiful Cookie Consent Banner for WordPress is vulnerable 
to Sto ...)
@@ -441,11 +449,13 @@ CVE-2023-2829 (A `named` instance configured to run as a 
DNSSEC-validating recur
        - bind9 <not-affected> (Only affects BIND Supported Preview Edition)
        NOTE: https://kb.isc.org/docs/cve-2023-2829
 CVE-2023-2911 (If the `recursive-clients` quota is reached on a BIND 9 
resolver confi ...)
+       {DSA-5439-1}
        - bind9 1:9.18.16-1
        NOTE: https://kb.isc.org/docs/cve-2023-2911
        NOTE: 
https://downloads.isc.org/isc/bind9/9.18.16/patches/0003-CVE-2023-2911.patch
        NOTE: 
https://downloads.isc.org/isc/bind9/9.16.42/patches/0003-CVE-2023-2911.patch
 CVE-2023-2828 (Every `named` instance configured to run as a recursive 
resolver maint ...)
+       {DSA-5439-1}
        - bind9 1:9.18.16-1
        NOTE: https://kb.isc.org/docs/cve-2023-2828
        NOTE: 
https://downloads.isc.org/isc/bind9/9.18.16/patches/0001-CVE-2023-2828.patch
@@ -17129,7 +17139,7 @@ CVE-2023-27478 (libmemcached-awesome is an open source 
C/C++ client library and
 CVE-2023-27477 (wasmtime is a fast and secure runtime for WebAssembly. 
Wasmtime's code ...)
        NOT-FOR-US: wasmtime
 CVE-2023-27476 (OWSLib is a Python package for client programming with Open 
Geospatial ...)
-       {DSA-5426-1}
+       {DSA-5426-1 DLA-3470-1}
        [experimental] - owslib 0.28.1-1~exp1
        - owslib 0.27.2-3 (bug #1034182)
        NOTE: 
https://github.com/geopython/OWSLib/commit/d91267303a695d69e73fa71efa100a035852a063
 (0.29.0)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ada8bca86fdb5b3b9bae3d828618a682fac00f8d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ada8bca86fdb5b3b9bae3d828618a682fac00f8d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to