Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c63ab282 by Salvatore Bonaccorso at 2023-08-29T22:24:22+02:00
Add two zbar issues, with unclear upstream status
The reporter uses an older version, but unlcear if it is fixed or even
reported upstream.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,9 +9,13 @@ CVE-2023-41362 (MyBB before 1.8.36 allows Code Injection by
users with certain h
CVE-2023-41037 (OpenPGP.js is a JavaScript implementation of the OpenPGP
protocol. In ...)
TODO: check
CVE-2023-40890 (A stack-based buffer overflow vulnerability exists in the
lookup_seque ...)
- TODO: check
+ - zbar <unfixed>
+ NOTE: https://hackmd.io/@cspl/H1PxPAUnn
+ TODO: check if reported upsream
CVE-2023-40889 (A heap-based buffer overflow exists in the
qr_reader_match_centers fun ...)
- TODO: check
+ - zbar <unfixed>
+ NOTE: https://hackmd.io/@cspl/B1ZkFZv23
+ TODO: check if reported upstream
CVE-2023-40787 (In SpringBlade V3.6.0 when executing SQL query, the parameters
submitt ...)
TODO: check
CVE-2023-3646 (On affected platforms running Arista EOS with mirroring to
multiple de ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c63ab282103440a61b7e0e2d48eb036592704987
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c63ab282103440a61b7e0e2d48eb036592704987
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
