"-Synchronized-Data."

2025-05-05 18:28:42 +00:00 · 2023-09-17 09:00:34 +00:00 · 2023-09-17 09:00:34 +00:00 · 66fe25bffe
commit 66fe25bffe
parent a007cc8339
37 changed files with 194 additions and 3 deletions
--- a/2007/4xxx/CVE-2007-4559.json
+++ b/2007/4xxx/CVE-2007-4559.json
@ -76,6 +76,11 @@
                "name": "[python-dev] 20070825 tarfile and directory traversal vulnerability",
                "refsource": "MLIST",
                "url": "http://mail.python.org/pipermail/python-dev/2007-August/074292.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    }
--- a/2016/2xxx/CVE-2016-2124.json
+++ b/2016/2xxx/CVE-2016-2124.json
@ -58,6 +58,11 @@
                "refsource": "MLIST",
                "name": "[debian-lts-announce] 20230914 [SECURITY] [DLA 3563-1] samba security update",
                "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2020/17xxx/CVE-2020-17049.json
+++ b/2020/17xxx/CVE-2020-17049.json
@ -122,6 +122,11 @@
                "refsource": "MLIST",
                "name": "[oss-security] 20211110 Fwd: Samba 4.15.2, 4.14.10, 4.13.14 Security Releases are available for Download",
                "url": "http://www.openwall.com/lists/oss-security/2021/11/10/3"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    }
--- a/2020/25xxx/CVE-2020-25717.json
+++ b/2020/25xxx/CVE-2020-25717.json
@ -53,6 +53,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2020-25717.html",
                "url": "https://www.samba.org/samba/security/CVE-2020-25717.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2020/25xxx/CVE-2020-25718.json
+++ b/2020/25xxx/CVE-2020-25718.json
@ -53,6 +53,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2020-25718.html",
                "url": "https://www.samba.org/samba/security/CVE-2020-25718.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2020/25xxx/CVE-2020-25719.json
+++ b/2020/25xxx/CVE-2020-25719.json
@ -53,6 +53,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2020-25719.html",
                "url": "https://www.samba.org/samba/security/CVE-2020-25719.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2020/25xxx/CVE-2020-25721.json
+++ b/2020/25xxx/CVE-2020-25721.json
@ -58,6 +58,11 @@
                "refsource": "MISC",
                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2021728",
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021728"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2020/25xxx/CVE-2020-25722.json
+++ b/2020/25xxx/CVE-2020-25722.json
@ -53,6 +53,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2020-25722.html",
                "url": "https://www.samba.org/samba/security/CVE-2020-25722.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2021/20xxx/CVE-2021-20251.json
+++ b/2021/20xxx/CVE-2021-20251.json
@ -58,6 +58,11 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20230331-0005/",
                "url": "https://security.netapp.com/advisory/ntap-20230331-0005/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2021/20xxx/CVE-2021-20316.json
+++ b/2021/20xxx/CVE-2021-20316.json
@ -68,6 +68,11 @@
                "refsource": "MISC",
                "name": "https://security-tracker.debian.org/tracker/CVE-2021-20316",
                "url": "https://security-tracker.debian.org/tracker/CVE-2021-20316"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2021/23xxx/CVE-2021-23192.json
+++ b/2021/23xxx/CVE-2021-23192.json
@ -58,6 +58,11 @@
                "refsource": "MISC",
                "name": "https://ubuntu.com/security/CVE-2021-23192",
                "url": "https://ubuntu.com/security/CVE-2021-23192"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2021/3xxx/CVE-2021-3670.json
+++ b/2021/3xxx/CVE-2021-3670.json
@ -98,6 +98,11 @@
                "url": "https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393",
                "refsource": "MISC",
                "name": "https://gitlab.com/samba-team/samba/-/commit/3507e96b3dcf0c0b8eff7b2c08ffccaf0812a393"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-06",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    }
--- a/2021/3xxx/CVE-2021-3738.json
+++ b/2021/3xxx/CVE-2021-3738.json
@ -58,6 +58,11 @@
                "refsource": "MISC",
                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2021726",
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2021726"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2021/44xxx/CVE-2021-44141.json
+++ b/2021/44xxx/CVE-2021-44141.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2021-44141.html",
                "url": "https://www.samba.org/samba/security/CVE-2021-44141.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2021/44xxx/CVE-2021-44142.json
+++ b/2021/44xxx/CVE-2021-44142.json
@ -92,6 +92,11 @@
                "name": "https://bugzilla.samba.org/show_bug.cgi?id=14914",
                "refsource": "CONFIRM",
                "url": "https://bugzilla.samba.org/show_bug.cgi?id=14914"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/0xxx/CVE-2022-0336.json
+++ b/2022/0xxx/CVE-2022-0336.json
@ -73,6 +73,11 @@
                "refsource": "MISC",
                "name": "https://access.redhat.com/security/cve/CVE-2022-0336",
                "url": "https://access.redhat.com/security/cve/CVE-2022-0336"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/1xxx/CVE-2022-1615.json
+++ b/2022/1xxx/CVE-2022-1615.json
@ -58,6 +58,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2022-4555909843",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTTOLTHUHOV4SHCHCB5TAA4FQVJAWN4P/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/2xxx/CVE-2022-2031.json
+++ b/2022/2xxx/CVE-2022-2031.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2022-2031.html",
                "url": "https://www.samba.org/samba/security/CVE-2022-2031.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/32xxx/CVE-2022-32742.json
+++ b/2022/32xxx/CVE-2022-32742.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2022-32742.html",
                "url": "https://www.samba.org/samba/security/CVE-2022-32742.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/32xxx/CVE-2022-32743.json
+++ b/2022/32xxx/CVE-2022-32743.json
@ -58,6 +58,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2022-4555909843",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTTOLTHUHOV4SHCHCB5TAA4FQVJAWN4P/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/32xxx/CVE-2022-32744.json
+++ b/2022/32xxx/CVE-2022-32744.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2022-32744.html",
                "url": "https://www.samba.org/samba/security/CVE-2022-32744.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/32xxx/CVE-2022-32745.json
+++ b/2022/32xxx/CVE-2022-32745.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2022-32745.html",
                "url": "https://www.samba.org/samba/security/CVE-2022-32745.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/32xxx/CVE-2022-32746.json
+++ b/2022/32xxx/CVE-2022-32746.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2022-32746.html",
                "url": "https://www.samba.org/samba/security/CVE-2022-32746.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/37xxx/CVE-2022-37966.json
+++ b/2022/37xxx/CVE-2022-37966.json
@ -214,6 +214,11 @@
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966",
                "refsource": "MISC",
                "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-06",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/37xxx/CVE-2022-37967.json
+++ b/2022/37xxx/CVE-2022-37967.json
@ -214,6 +214,11 @@
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967",
                "refsource": "MISC",
                "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-06",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/38xxx/CVE-2022-38023.json
+++ b/2022/38xxx/CVE-2022-38023.json
@ -214,6 +214,11 @@
                "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023",
                "refsource": "MISC",
                "name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-06",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/3xxx/CVE-2022-3437.json
+++ b/2022/3xxx/CVE-2022-3437.json
@ -68,6 +68,11 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20230216-0008/",
                "url": "https://security.netapp.com/advisory/ntap-20230216-0008/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/3xxx/CVE-2022-3592.json
+++ b/2022/3xxx/CVE-2022-3592.json
@ -58,6 +58,11 @@
                "refsource": "MISC",
                "name": "https://access.redhat.com/security/cve/CVE-2022-3592",
                "url": "https://access.redhat.com/security/cve/CVE-2022-3592"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/42xxx/CVE-2022-42898.json
+++ b/2022/42xxx/CVE-2022-42898.json
@ -96,6 +96,11 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20230223-0001/",
                "url": "https://security.netapp.com/advisory/ntap-20230223-0001/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    }
--- a/2022/45xxx/CVE-2022-45141.json
+++ b/2022/45xxx/CVE-2022-45141.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.samba.org/samba/security/CVE-2022-45141.html",
                "url": "https://www.samba.org/samba/security/CVE-2022-45141.html"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2022/4xxx/CVE-2022-4510.json
+++ b/2022/4xxx/CVE-2022-4510.json
@ -11,7 +11,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction, would extract a malicious binwalk module into the folder .config/binwalk/plugins. This vulnerability is associated with program files src/binwalk/plugins/unpfs.py. This issue affects binwalk from 2.1.2b through 2.3.3 included."
+                "value": "\nA path traversal vulnerability was identified in ReFirm Labs binwalk from version 2.1.2b through 2.3.3 included. By crafting a malicious PFS filesystem file, an attacker can get binwalk's PFS extractor to extract files at arbitrary locations when binwalk is run in extraction mode (-e option). Remote code execution can be achieved by building a PFS filesystem that, upon extraction,\u00a0would extract a malicious binwalk module into the folder .config/binwalk/plugins.\n This vulnerability is associated with program files src/binwalk/plugins/unpfs.py.\n\nThis issue affects binwalk from 2.1.2b through 2.3.3 included.\n\n"
            }
        ]
    },
@ -40,8 +40,9 @@
                                "version": {
                                    "version_data": [
                                        {
-                                            "version_value": "2.1.2b",
-                                            "version_affected": "="
+                                            "version_affected": "<=",
+                                            "version_name": "2.1.2b",
+                                            "version_value": "2.3.3"
                                        }
                                    ]
                                }
@ -58,6 +59,11 @@
                "url": "https://github.com/ReFirmLabs/binwalk/pull/617",
                "refsource": "MISC",
                "name": "https://github.com/ReFirmLabs/binwalk/pull/617"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-07",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-07"
            }
        ]
    },
--- a/2023/0xxx/CVE-2023-0225.json
+++ b/2023/0xxx/CVE-2023-0225.json
@ -53,6 +53,11 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20230406-0007/",
                "url": "https://security.netapp.com/advisory/ntap-20230406-0007/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2023/0xxx/CVE-2023-0614.json
+++ b/2023/0xxx/CVE-2023-0614.json
@ -58,6 +58,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2023-1c172e3264",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2023/0xxx/CVE-2023-0922.json
+++ b/2023/0xxx/CVE-2023-0922.json
@ -58,6 +58,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2023-1c172e3264",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXBPYIA4VWNOD437NAHZ3NXKAETLFB5S/"
+            },
+            {
+                "refsource": "GENTOO",
+                "name": "GLSA-202309-06",
+                "url": "https://security.gentoo.org/glsa/202309-06"
            }
        ]
    },
--- a/2023/1xxx/CVE-2023-1999.json
+++ b/2023/1xxx/CVE-2023-1999.json
@ -59,6 +59,11 @@
                "url": "https://chromium.googlesource.com/webm/libwebp",
                "refsource": "MISC",
                "name": "https://chromium.googlesource.com/webm/libwebp"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-05",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-05"
            }
        ]
    },
--- a/2023/32xxx/CVE-2023-32681.json
+++ b/2023/32xxx/CVE-2023-32681.json
@ -83,6 +83,11 @@
                "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html",
                "refsource": "MISC",
                "name": "https://lists.debian.org/debian-lts-announce/2023/06/msg00018.html"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-08",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-08"
            }
        ]
    },
--- a/2023/4xxx/CVE-2023-4863.json
+++ b/2023/4xxx/CVE-2023-4863.json
@ -143,6 +143,16 @@
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/",
                "refsource": "MISC",
                "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHOLML7N2G5KCAZXFWC5IDFFHSQS5SDB/"
+            },
+            {
+                "url": "https://www.debian.org/security/2023/dsa-5498",
+                "refsource": "MISC",
+                "name": "https://www.debian.org/security/2023/dsa-5498"
+            },
+            {
+                "url": "https://security.gentoo.org/glsa/202309-05",
+                "refsource": "MISC",
+                "name": "https://security.gentoo.org/glsa/202309-05"
            }
        ]
    }