Date: Thu, 22 Jun 2023 11:36:15 GMT From: Hiroki Tagato <tagattie@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 3d21c0a37a60 - main - security/vuxml: document electron multiple vulnerabilities Message-ID: <202306221136.35MBaF9P017992@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by tagattie: URL: https://cgit.FreeBSD.org/ports/commit/?id=3d21c0a37a60a122812b05268f5e0a63ed47308e commit 3d21c0a37a60a122812b05268f5e0a63ed47308e Author: Hiroki Tagato <tagattie@FreeBSD.org> AuthorDate: 2023-06-22 11:34:12 +0000 Commit: Hiroki Tagato <tagattie@FreeBSD.org> CommitDate: 2023-06-22 11:34:12 +0000 security/vuxml: document electron multiple vulnerabilities Obtained from: https://github.com/electron/electron/releases/tag/v22.3.14, https://github.com/electron/electron/releases/tag/v23.3.8, https://github.com/electron/electron/releases/tag/v24.6.0 --- security/vuxml/vuln/2023.xml | 74 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index f007a7ba1c68..bee1ce17a636 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,77 @@ + <vuln vid="a03b2d9e-b3f2-428c-8f66-21092ed2ba94"> + <topic>electron{23,24} -- multiple vulnerabilities</topic> + <affects> + <package> + <name>electron23</name> + <range><lt>23.3.8</lt></range> + </package> + <package> + <name>electron24</name> + <range><lt>24.6.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Electron developers report:</p> + <blockquote cite="https://github.com/electron/electron/releases/tag/v23.3.8">; + <p>This update fixes the following vulnerabilities:</p> + <ul> + <li>Security: backported fix for CVE-2023-3215.</li> + <li>Security: backported fix for CVE-2023-3216.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2023-3215</cvename> + <url>https://github.com/advisories/GHSA-5rw6-vf4w-p4j3</url>; + <cvename>CVE-2023-3216</cvename> + <url>https://github.com/advisories/GHSA-f35r-mcw4-gg3w</url>; + </references> + <dates> + <discovery>2023-06-22</discovery> + <entry>2023-06-22</entry> + </dates> + </vuln> + + <vuln vid="770d88cc-f6dc-4385-bdfe-497f8080c3fb"> + <topic>electron22 -- multiple vulnerabilities</topic> + <affects> + <package> + <name>electron22</name> + <range><lt>22.3.14</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Electron developers report:</p> + <blockquote cite="https://github.com/electron/electron/releases/tag/v22.3.14">; + <p>This update fixes the following vulnerabilities:</p> + <ul> + <li>Security: backported fix for CVE-2023-3215.</li> + <li>Security: backported fix for CVE-2023-3216.</li> + <li>Security: backported fix for CVE-2023-0698.</li> + <li>Security: backported fix for CVE-2023-0932.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2023-3215</cvename> + <url>https://github.com/advisories/GHSA-5rw6-vf4w-p4j3</url>; + <cvename>CVE-2023-3216</cvename> + <url>https://github.com/advisories/GHSA-f35r-mcw4-gg3w</url>; + <cvename>CVE-2023-0698</cvename> + <url>https://github.com/advisories/GHSA-q6xx-4pmr-m3m4</url>; + <cvename>CVE-2023-0932</cvename> + <url>https://github.com/advisories/GHSA-hh2g-39pc-2575</url>; + </references> + <dates> + <discovery>2023-06-22</discovery> + <entry>2023-06-22</entry> + </dates> + </vuln> + <vuln vid="734b8f46-773d-4fef-bed3-61114fe8e4c5"> <topic>libX11 -- Sub-object overflows</topic> <affects>home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202306221136.35MBaF9P017992>