diff options
| author | Moritz Mühlenhoff <jmm@debian.org> | 2023-10-17 20:08:19 +0200 |
|---|---|---|
| committer | Moritz Mühlenhoff <jmm@debian.org> | 2023-10-17 20:08:19 +0200 |
| commit | 764f9c124be0772779e2d6fca9c0195e75a121cc (patch) | |
| tree | b43f149ce6d78de75433cf370d7cc850d7d8e35f | |
| parent | a2fecbdee7a34155c020ecee642a44a6d7088c04 (diff) | |
axis spu/ospu
| -rw-r--r-- | data/CVE/list | 5 | ||||
| -rw-r--r-- | data/next-oldstable-point-update.txt | 2 | ||||
| -rw-r--r-- | data/next-point-update.txt | 2 |
3 files changed, 7 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index b90ad2523b..8cdc99f450 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -402,9 +402,8 @@ CVE-2023-35024 (IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19 NOT-FOR-US: IBM CVE-2023-41914 - slurm-wlm 23.02.6-1 - - slurm-wlm-contrib 23.02.6-1 - [bookworm] - slurm-wlm-contrib <no-dsa> (Contrib not supported) NOTE: https://groups.google.com/g/slurm-users/c/N9WHFVefSHA + NOTE: slurm-wlm-contrib also changed, but actual security issue is in slurm-wlm CVE-2023-4263 (Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nR ...) NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr) CVE-2023-4257 (Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can ca ...) @@ -6350,6 +6349,8 @@ CVE-2023-2453 (There is insufficient sanitization of tainted file names that are NOT-FOR-US: PHP-Fusion CVE-2023-40743 (** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an ...) - axis 1.4-29 (bug #1051288) + [bookworm] - axis <no-dsa> (Minor issue) + [bullseye] - axis <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2023/09/05/1 NOTE: https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210 CVE-2023-34322 [top-level shadow reference dropped too early for 64-bit PV guests] diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt index c0e0da0568..ce8af9bf3f 100644 --- a/data/next-oldstable-point-update.txt +++ b/data/next-oldstable-point-update.txt @@ -74,3 +74,5 @@ CVE-2023-26136 [bullseye] - node-tough-cookie 4.0.0-2+deb11u1 CVE-2023-26132 [bullseye] - node-dottie 2.0.2-4+deb11u1 +CVE-2023-40743 + [bullseye] - axis 1.4-28+deb11u1 diff --git a/data/next-point-update.txt b/data/next-point-update.txt index 07c3838802..c938f163bb 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -6,3 +6,5 @@ CVE-2023-3153 [bookworm] - ovn 23.03.1-1~deb12u1 CVE-2023-43040 [bookworm] - ceph 16.2.11+ds-2+deb12u1 +CVE-2023-40743 + [bookworm] - axis 1.4-28+deb12u1 |