https://bugzilla.redhat.com/show_bug.cgi?id=2223821
Bug ID: 2223821
Summary: TRIAGE-CVE-2023-2975 openssl3: openSSL: AES-SIV cipher
implementation contains a bug that causes it to ignore
empty associated data entries [epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: openssl3
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: michel(a)michel-slm.name
Reporter: saroy(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2223016
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2223821
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2211109
Bug ID: 2211109
Summary: CVE-2023-2650 openssl3: openssl: Possible DoS
translating ASN.1 object identifiers [epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: openssl3
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: michel(a)michel-slm.name
Reporter: saroy(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2207947
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2211109
https://bugzilla.redhat.com/show_bug.cgi?id=2188526
Bug ID: 2188526
Summary: CVE-2023-1255 openssl3: openssl: Input buffer
over-read in AES-XTS implementation on 64 bit ARM
[epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: openssl3
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: michel(a)michel-slm.name
Reporter: saroy(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2188461
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2188526
https://bugzilla.redhat.com/show_bug.cgi?id=2182602
Bug ID: 2182602
Summary: CVE-2023-0466 openssl3: openssl: Certificate policy
check not enabled [epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: openssl3
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: michel(a)michel-slm.name
Reporter: trathi(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2182565
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2182602
https://bugzilla.redhat.com/show_bug.cgi?id=2182590
Bug ID: 2182590
Summary: CVE-2023-0465 openssl3: openssl: Invalid certificate
policies in leaf certificates are silently ignored
[epel-8]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: openssl3
Keywords: Security, SecurityTracking
Severity: low
Priority: low
Assignee: michel(a)michel-slm.name
Reporter: trathi(a)redhat.com
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2182561
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2182590
https://bugzilla.redhat.com/show_bug.cgi?id=2242181
Bug ID: 2242181
Summary: CVE-2023-43665 python-django3: python-django:
Denial-of-service possibility in
django.utils.text.Truncator [fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: python-django3
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: michel(a)michel-slm.name
Reporter: gsuckevi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2241046
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2242181
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2237871
Bug ID: 2237871
Summary: CVE-2023-41164 python-django3: python-django:
Potential denial of service vulnerability in
``django.utils.encoding.uri_to_iri()`` [fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: python-django3
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: michel(a)michel-slm.name
Reporter: ybuenos(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2237258
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2237871
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2219382
Bug ID: 2219382
Summary: TRIAGE-CVE-2023-36053 python-django3: python-django:
Potential regular expression denial of service
vulnerability in EmailValidator/URLValidator
[fedora-all]
Product: Fedora
Version: 38
Status: NEW
Component: python-django3
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: michel(a)michel-slm.name
Reporter: gsuckevi(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2218004
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2219382
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2237869
Bug ID: 2237869
Summary: CVE-2023-41164 python-django3: python-django:
Potential denial of service vulnerability in
``django.utils.encoding.uri_to_iri()`` [epel-all]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: python-django3
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: michel(a)michel-slm.name
Reporter: ybuenos(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: epel-packagers-sig(a)lists.fedoraproject.org,
michel(a)michel-slm.name
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2237258
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2237869
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…