git: 3d21c0a37a60 - main - security/vuxml: document electron multiple vulnerabilities
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 22 Jun 2023 11:36:15 UTC
The branch main has been updated by tagattie:
URL: https://cgit.FreeBSD.org/ports/commit/?id=3d21c0a37a60a122812b05268f5e0a63ed47308e
commit 3d21c0a37a60a122812b05268f5e0a63ed47308e
Author: Hiroki Tagato <tagattie@FreeBSD.org>
AuthorDate: 2023-06-22 11:34:12 +0000
Commit: Hiroki Tagato <tagattie@FreeBSD.org>
CommitDate: 2023-06-22 11:34:12 +0000
security/vuxml: document electron multiple vulnerabilities
Obtained from: https://github.com/electron/electron/releases/tag/v22.3.14,
https://github.com/electron/electron/releases/tag/v23.3.8,
https://github.com/electron/electron/releases/tag/v24.6.0
---
security/vuxml/vuln/2023.xml | 74 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 74 insertions(+)
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index f007a7ba1c68..bee1ce17a636 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -1,3 +1,77 @@
+ <vuln vid="a03b2d9e-b3f2-428c-8f66-21092ed2ba94">
+ <topic>electron{23,24} -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>electron23</name>
+ <range><lt>23.3.8</lt></range>
+ </package>
+ <package>
+ <name>electron24</name>
+ <range><lt>24.6.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Electron developers report:</p>
+ <blockquote cite="https://github.com/electron/electron/releases/tag/v23.3.8">
+ <p>This update fixes the following vulnerabilities:</p>
+ <ul>
+ <li>Security: backported fix for CVE-2023-3215.</li>
+ <li>Security: backported fix for CVE-2023-3216.</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2023-3215</cvename>
+ <url>https://github.com/advisories/GHSA-5rw6-vf4w-p4j3</url>
+ <cvename>CVE-2023-3216</cvename>
+ <url>https://github.com/advisories/GHSA-f35r-mcw4-gg3w</url>
+ </references>
+ <dates>
+ <discovery>2023-06-22</discovery>
+ <entry>2023-06-22</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="770d88cc-f6dc-4385-bdfe-497f8080c3fb">
+ <topic>electron22 -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>electron22</name>
+ <range><lt>22.3.14</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Electron developers report:</p>
+ <blockquote cite="https://github.com/electron/electron/releases/tag/v22.3.14">
+ <p>This update fixes the following vulnerabilities:</p>
+ <ul>
+ <li>Security: backported fix for CVE-2023-3215.</li>
+ <li>Security: backported fix for CVE-2023-3216.</li>
+ <li>Security: backported fix for CVE-2023-0698.</li>
+ <li>Security: backported fix for CVE-2023-0932.</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2023-3215</cvename>
+ <url>https://github.com/advisories/GHSA-5rw6-vf4w-p4j3</url>
+ <cvename>CVE-2023-3216</cvename>
+ <url>https://github.com/advisories/GHSA-f35r-mcw4-gg3w</url>
+ <cvename>CVE-2023-0698</cvename>
+ <url>https://github.com/advisories/GHSA-q6xx-4pmr-m3m4</url>
+ <cvename>CVE-2023-0932</cvename>
+ <url>https://github.com/advisories/GHSA-hh2g-39pc-2575</url>
+ </references>
+ <dates>
+ <discovery>2023-06-22</discovery>
+ <entry>2023-06-22</entry>
+ </dates>
+ </vuln>
+
<vuln vid="734b8f46-773d-4fef-bed3-61114fe8e4c5">
<topic>libX11 -- Sub-object overflows</topic>
<affects>