Debian Bug report logs -
#1060407
Multiple security issues
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Electronics Team <pkg-electronics-devel@alioth-lists.debian.net>
:
Bug#1060407
; Package src:gtkwave
.
(Wed, 10 Jan 2024 19:39:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Electronics Team <pkg-electronics-devel@alioth-lists.debian.net>
.
(Wed, 10 Jan 2024 19:39:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: gtkwave
Version: 3.3.116-1
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team <team@security.debian.org>
A very thorough security audit of gtkwave unveiled a total of 82 security
issues in gtkwave, all fixed in 3.3.118:
CVE-2023-32650 CVE-2023-34087 CVE-2023-34436 CVE-2023-35004
CVE-2023-35057 CVE-2023-35128 CVE-2023-35702 CVE-2023-35703
CVE-2023-35704 CVE-2023-35955 CVE-2023-35956 CVE-2023-35957
CVE-2023-35958 CVE-2023-35959 CVE-2023-35960 CVE-2023-35961
CVE-2023-35962 CVE-2023-35963 CVE-2023-35964 CVE-2023-35969
CVE-2023-35970 CVE-2023-35989 CVE-2023-35992 CVE-2023-35994
CVE-2023-35995 CVE-2023-35996 CVE-2023-35997 CVE-2023-36746
CVE-2023-36747 CVE-2023-36861 CVE-2023-36864 CVE-2023-36915
CVE-2023-36916 CVE-2023-37282 CVE-2023-37416 CVE-2023-37417
CVE-2023-37418 CVE-2023-37419 CVE-2023-37420 CVE-2023-37442
CVE-2023-37443 CVE-2023-37444 CVE-2023-37445 CVE-2023-37446
CVE-2023-37447 CVE-2023-37573 CVE-2023-37574 CVE-2023-37575
CVE-2023-37576 CVE-2023-37577 CVE-2023-37578 CVE-2023-37921
CVE-2023-37922 CVE-2023-37923 CVE-2023-38583 CVE-2023-38618
CVE-2023-38619 CVE-2023-38620 CVE-2023-38621 CVE-2023-38622
CVE-2023-38623 CVE-2023-38648 CVE-2023-38649 CVE-2023-38650
CVE-2023-38651 CVE-2023-38652 CVE-2023-38653 CVE-2023-38657
CVE-2023-39234 CVE-2023-39235 CVE-2023-39270 CVE-2023-39271
CVE-2023-39272 CVE-2023-39273 CVE-2023-39274 CVE-2023-39275
CVE-2023-39316 CVE-2023-39317 CVE-2023-39413 CVE-2023-39414
CVE-2023-39443 CVE-2023-39444
Let's first fix unstable and then we can simple build 3.3.118
for stable-security and oldstable-security as well.
Full details in these advisories from TALOS:
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1790
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1792
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1797
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1803
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1810
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1811
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1816
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1819
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1822
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1823
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1827
Cheers,
Moritz
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Wed, 10 Jan 2024 20:09:02 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Thu Jan 11 08:20:12 2024;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.