Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9ecdfc65 by Moritz Muehlenhoff at 2024-10-29T20:09:00+01:00
triage of older issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15250,7 +15250,7 @@ CVE-2024-42364 (Homepage is a highly customizable
homepage with Docker and servi
NOT-FOR-US: gethomepage/homepage
CVE-2024-42040 (Buffer Overflow vulnerability in the net/bootp.c in DENEX
U-Boot from ...)
- u-boot <unfixed> (bug #1081557)
- [bookworm] - u-boot <no-dsa> (Minor issue)
+ [bookworm] - u-boot <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - u-boot <postponed> (Minor issue; can be fixed in next
update)
NOTE: https://lists.denx.de/pipermail/u-boot/2024-August/562528.html
NOTE: https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2024-004.txt
@@ -48482,10 +48482,10 @@ CVE-2023-44430 (Bentley View SKP File Parsing
Use-After-Free Remote Code Executi
NOT-FOR-US: Bentley
CVE-2023-44428 (MuseScore CAP File Parsing Heap-based Buffer Overflow Remote
Code Exec ...)
- musescore2 <unfixed> (bug #1070860)
- [bookworm] - musescore2 <no-dsa> (Minor issue)
+ [bookworm] - musescore2 <ignored> (Minor issue)
[bullseye] - musescore2 <no-dsa> (Minor issue)
- musescore3 <unfixed> (bug #1070860)
- [bookworm] - musescore3 <no-dsa> (Minor issue)
+ [bookworm] - musescore3 <ignored> (Minor issue)
[bullseye] - musescore3 <no-dsa> (Minor issue)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1526/
CVE-2023-44427 (D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command
Injecti ...)
@@ -49841,7 +49841,7 @@ CVE-2023-49606 (A use-after-free vulnerability exists
in the HTTP Connection Hea
NOTE:
https://github.com/tinyproxy/tinyproxy/commit/12a8484265f7b00591293da492bb3c9987001956
CVE-2023-47212 (A heap-based buffer overflow vulnerability exists in the
comment funct ...)
- libstb <unfixed> (bug #1070394)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1846
CVE-2023-47166 (A firmware update vulnerability exists in the luci2-io
file-import fun ...)
@@ -53339,25 +53339,25 @@ CVE-2023-4509 (It is possible for an API key to be
logged in clear text in the a
NOT-FOR-US: Octopus Deploy
CVE-2023-4235 (A flaw was found in ofono, an Open Source Telephony on Linux. A
stack ...)
- ofono <unfixed> (bug #1070371)
- [bookworm] - ofono <no-dsa> (Minor issue)
+ [bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
[bullseye] - ofono <no-dsa> (Minor issue)
[buster] - ofono <postponed> (Minor issue, follow bullseye)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2255402
CVE-2023-4234 (A flaw was found in ofono, an Open Source Telephony on Linux. A
stack ...)
- ofono <unfixed> (bug #1070371)
- [bookworm] - ofono <no-dsa> (Minor issue)
+ [bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
[bullseye] - ofono <no-dsa> (Minor issue)
[buster] - ofono <postponed> (Minor issue, follow bullseye)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2255399
CVE-2023-4233 (A flaw was found in ofono, an Open Source Telephony on Linux. A
stack ...)
- ofono <unfixed> (bug #1070371)
- [bookworm] - ofono <no-dsa> (Minor issue)
+ [bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
[bullseye] - ofono <no-dsa> (Minor issue)
[buster] - ofono <postponed> (Minor issue, follow bullseye)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2255396
CVE-2023-4232 (A flaw was found in ofono, an Open Source Telephony on Linux. A
stack ...)
- ofono <unfixed> (bug #1070371)
- [bookworm] - ofono <no-dsa> (Minor issue)
+ [bookworm] - ofono <postponed> (Revisit when/if fixed upstream)
[bullseye] - ofono <no-dsa> (Minor issue)
[buster] - ofono <postponed> (Minor issue, follow bullseye)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2255394
@@ -88020,14 +88020,14 @@ CVE-2023-49052 (File Upload vulnerability in
Microweber v.2.0.4 allows a remote
CVE-2023-48952 (An issue in the box_deserialize_reusing function in openlink
virtuoso- ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1175
CVE-2023-48951 (An issue in the box_equal function in openlink
virtuoso-opensource v7. ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1177
@@ -88035,7 +88035,7 @@ CVE-2023-48951 (An issue in the box_equal function in
openlink virtuoso-opensour
CVE-2023-48950 (An issue in the box_col_len function in openlink
virtuoso-opensource v ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1174
@@ -88043,21 +88043,21 @@ CVE-2023-48950 (An issue in the box_col_len function
in openlink virtuoso-openso
CVE-2023-48949 (An issue in the box_add function in openlink
virtuoso-opensource v7.2. ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1173
CVE-2023-48948 (An issue in the box_div function in openlink
virtuoso-opensource v7.2. ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1176
CVE-2023-48947 (An issue in the cha_cmp function of openlink
virtuoso-opensource v7.2. ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1179
@@ -88065,7 +88065,7 @@ CVE-2023-48947 (An issue in the cha_cmp function of
openlink virtuoso-opensource
CVE-2023-48946 (An issue in the box_mpy function of openlink
virtuoso-opensource v7.2. ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1178
@@ -88073,7 +88073,7 @@ CVE-2023-48946 (An issue in the box_mpy function of
openlink virtuoso-opensource
CVE-2023-48945 (A stack overflow in openlink virtuoso-opensource v7.2.11
allows attack ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1059062)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1172
@@ -94339,109 +94339,102 @@ CVE-2023-46003 (I-doit pro 25 and below is
vulnerable to Cross Site Scripting (X
NOT-FOR-US: I-doit pro
CVE-2023-45682 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 15)
NOTE: https://github.com/nothings/stb/pull/1560
CVE-2023-45681 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 14)
NOTE: https://github.com/nothings/stb/pull/1559
CVE-2023-45680 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 13)
NOTE: https://github.com/nothings/stb/pull/1558
CVE-2023-45679 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 12)
NOTE: https://github.com/nothings/stb/pull/1557
CVE-2023-45678 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 11)
NOTE: https://github.com/nothings/stb/pull/1556
CVE-2023-45677 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 10)
NOTE: https://github.com/nothings/stb/pull/1555
CVE-2023-45676 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 9)
NOTE: https://github.com/nothings/stb/pull/1554
CVE-2023-45675 (stb_vorbis is a single file MIT licensed library for
processing ogg vo ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 8)
NOTE: https://github.com/nothings/stb/issues/1552
- NOTE: https://github.com/nothings/stb/pull/1553
CVE-2023-45667 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 7)
NOTE: https://github.com/nothings/stb/issues/1550
- NOTE: https://github.com/nothings/stb/pull/1551
CVE-2023-45666 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 6)
NOTE: https://github.com/nothings/stb/issues/1548
- NOTE: https://github.com/nothings/stb/pull/1549
CVE-2023-45664 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 4)
NOTE: https://github.com/nothings/stb/issues/1542
- NOTE: https://github.com/nothings/stb/pull/1545
CVE-2023-45663 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 3)
NOTE: https://github.com/nothings/stb/issues/1542
- NOTE: https://github.com/nothings/stb/pull/1543
CVE-2023-45662 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 2)
NOTE: https://github.com/nothings/stb/issues/1540
- NOTE: https://github.com/nothings/stb/pull/1541
CVE-2023-45661 (stb_image is a single file MIT licensed library for processing
images. ...)
- libstb <unfixed> (bug #1054911)
- [bookworm] - libstb <no-dsa> (Minor issue)
+ [bookworm] - libstb <postponed> (Minor issue, revisit when fixed
upstream)
[bullseye] - libstb <no-dsa> (Minor issue)
[buster] - libstb <no-dsa> (Minor issue)
NOTE:
https://securitylab.github.com/advisories/GHSL-2023-145_GHSL-2023-151_stb_image_h/
(issue 1)
NOTE: https://github.com/nothings/stb/issues/1538
- NOTE: https://github.com/nothings/stb/pull/1539
CVE-2023-43357 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18
allows a ...)
NOT-FOR-US: CMSmadesimple
CVE-2023-43356 (Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18
allows a ...)
@@ -115947,7 +115940,7 @@ CVE-2023-31842 (Sourcecodester Faculty Evaluation
System v1.0 is vulnerable to S
CVE-2023-31631 (An issue in the sqlo_preds_contradiction component of openlink
virtuos ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1137
@@ -115955,7 +115948,7 @@ CVE-2023-31631 (An issue in the
sqlo_preds_contradiction component of openlink v
CVE-2023-31630 (An issue in the sqlo_query_spec component of openlink
virtuoso-opensou ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1138
@@ -115963,7 +115956,7 @@ CVE-2023-31630 (An issue in the sqlo_query_spec
component of openlink virtuoso-o
CVE-2023-31629 (An issue in the sqlo_union_scope component of openlink
virtuoso-openso ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1139
@@ -115971,7 +115964,7 @@ CVE-2023-31629 (An issue in the sqlo_union_scope
component of openlink virtuoso-
CVE-2023-31628 (An issue in the stricmp component of openlink
virtuoso-opensource v7.2 ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1141
@@ -115979,7 +115972,7 @@ CVE-2023-31628 (An issue in the stricmp component of
openlink virtuoso-opensourc
CVE-2023-31627 (An issue in the strhash component of openlink
virtuoso-opensource v7.2 ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1140
@@ -115987,7 +115980,7 @@ CVE-2023-31627 (An issue in the strhash component of
openlink virtuoso-opensourc
CVE-2023-31626 (An issue in the gpf_notice component of openlink
virtuoso-opensource v ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1129
@@ -115995,7 +115988,7 @@ CVE-2023-31626 (An issue in the gpf_notice component
of openlink virtuoso-openso
CVE-2023-31625 (An issue in the psiginfo component of openlink
virtuoso-opensource v7. ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1132
@@ -116003,7 +115996,7 @@ CVE-2023-31625 (An issue in the psiginfo component of
openlink virtuoso-opensour
CVE-2023-31624 (An issue in the sinv_check_exp component of openlink
virtuoso-opensour ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1134
@@ -116011,7 +116004,7 @@ CVE-2023-31624 (An issue in the sinv_check_exp
component of openlink virtuoso-op
CVE-2023-31623 (An issue in the mp_box_copy component of openlink
virtuoso-opensource ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1131
@@ -116019,7 +116012,7 @@ CVE-2023-31623 (An issue in the mp_box_copy component
of openlink virtuoso-opens
CVE-2023-31622 (An issue in the sqlc_make_policy_trig component of openlink
virtuoso-o ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1135
@@ -116027,7 +116020,7 @@ CVE-2023-31622 (An issue in the sqlc_make_policy_trig
component of openlink virt
CVE-2023-31621 (An issue in the kc_var_col component of openlink
virtuoso-opensource v ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1130
@@ -116035,7 +116028,7 @@ CVE-2023-31621 (An issue in the kc_var_col component
of openlink virtuoso-openso
CVE-2023-31620 (An issue in the dv_compare component of openlink
virtuoso-opensource v ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1128
@@ -116043,7 +116036,7 @@ CVE-2023-31620 (An issue in the dv_compare component
of openlink virtuoso-openso
CVE-2023-31619 (An issue in the sch_name_to_object component of openlink
virtuoso-open ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1133
@@ -116051,7 +116044,7 @@ CVE-2023-31619 (An issue in the sch_name_to_object
component of openlink virtuos
CVE-2023-31618 (An issue in the sqlc_union_dt_wrap component of openlink
virtuoso-open ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1136
@@ -116059,7 +116052,7 @@ CVE-2023-31618 (An issue in the sqlc_union_dt_wrap
component of openlink virtuos
CVE-2023-31617 (An issue in the dk_set_delete component of openlink
virtuoso-opensourc ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1127
@@ -116067,7 +116060,7 @@ CVE-2023-31617 (An issue in the dk_set_delete
component of openlink virtuoso-ope
CVE-2023-31616 (An issue in the bif_mod component of openlink
virtuoso-opensource v7.2 ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1122
@@ -116075,7 +116068,7 @@ CVE-2023-31616 (An issue in the bif_mod component of
openlink virtuoso-opensourc
CVE-2023-31615 (An issue in the chash_array component of openlink
virtuoso-opensource ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1124
@@ -116083,7 +116076,7 @@ CVE-2023-31615 (An issue in the chash_array component
of openlink virtuoso-opens
CVE-2023-31614 (An issue in the mp_box_deserialize_string function in openlink
virtuos ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1117
@@ -116091,7 +116084,7 @@ CVE-2023-31614 (An issue in the
mp_box_deserialize_string function in openlink v
CVE-2023-31613 (An issue in the __nss_database_lookup component of openlink
virtuoso-o ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1121
@@ -116099,14 +116092,14 @@ CVE-2023-31613 (An issue in the
__nss_database_lookup component of openlink virt
CVE-2023-31612 (An issue in the dfe_qexp_list component of openlink
virtuoso-opensourc ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1125
CVE-2023-31611 (An issue in the __libc_longjmp component of openlink
virtuoso-opensour ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1119
@@ -116114,7 +116107,7 @@ CVE-2023-31611 (An issue in the __libc_longjmp
component of openlink virtuoso-op
CVE-2023-31610 (An issue in the _IO_default_xsputn component of openlink
virtuoso-open ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1118
@@ -116122,14 +116115,14 @@ CVE-2023-31610 (An issue in the _IO_default_xsputn
component of openlink virtuos
CVE-2023-31609 (An issue in the dfe_unit_col_loci component of openlink
virtuoso-opens ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1126
CVE-2023-31608 (An issue in the artm_div_int component of openlink
virtuoso-opensource ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1123
@@ -116137,7 +116130,7 @@ CVE-2023-31608 (An issue in the artm_div_int
component of openlink virtuoso-open
CVE-2023-31607 (An issue in the __libc_malloc component of openlink
virtuoso-opensourc ...)
[experimental] - virtuoso-opensource 7.2.12+dfsg-0.1
- virtuoso-opensource 7.2.12+dfsg-0.2 (bug #1036467)
- [bookworm] - virtuoso-opensource <no-dsa> (Minor issue)
+ [bookworm] - virtuoso-opensource <ignored> (Minor issue)
[bullseye] - virtuoso-opensource <no-dsa> (Minor issue)
[buster] - virtuoso-opensource <no-dsa> (Minor issue)
NOTE: https://github.com/openlink/virtuoso-opensource/issues/1120
@@ -137132,7 +137125,7 @@ CVE-2023-24810 (Misskey is an open source,
decentralized social media platform.
NOT-FOR-US: Misskey
CVE-2023-24809 (NetHack is a single player dungeon exploration game. Starting
with ver ...)
- nethack 3.6.7-1 (bug #1031869)
- [bookworm] - nethack <no-dsa> (Minor issue)
+ [bookworm] - nethack <ignored> (Minor issue)
[bullseye] - nethack <no-dsa> (Minor issue)
[buster] - nethack <no-dsa> (Minor issue)
NOTE:
https://github.com/NetHack/NetHack/security/advisories/GHSA-2cqv-5w4v-mgch
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ecdfc65174a87db9122755ce41a46615602772d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ecdfc65174a87db9122755ce41a46615602772d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
