Update Advisories

2023-10-27 05:37:30 +00:00 · 2023-10-27 05:37:30 +00:00 · 6f513c6dda
parent 8b66fb13fa
commit 6f513c6dda
7 changed files with 98 additions and 9 deletions
--- a/advisories/PHSA-2023-3.0-0673.json
+++ b/advisories/PHSA-2023-3.0-0673.json
@ -6,10 +6,24 @@
                "name": "redis",
                "purl": "pkg:rpm/vmware/redis?distro=photon-3"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "libtiff",
+                "purl": "pkg:rpm/vmware/libtiff?distro=photon-3"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "nghttp2",
+                "purl": "pkg:rpm/vmware/nghttp2?distro=photon-3"
+            }
        }
    ],
    "id": "PHSA-2023-3.0-0673",
-    "modified": "2023-10-26T05:31:58Z",
+    "modified": "2023-10-27T05:32:05Z",
    "published": "2023-10-26T00:00:00Z",
    "references": [
        {
@ -18,6 +32,9 @@
        }
    ],
    "related": [
-        "CVE-2023-45145"
+        "CVE-2023-45145",
+        "CVE-2023-40745",
+        "CVE-2023-41175",
+        "CVE-2023-44487"
    ]
 }
--- a/advisories/PHSA-2023-3.0-0674.json
+++ b/advisories/PHSA-2023-3.0-0674.json
@ -0,0 +1,23 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "zlib",
+                "purl": "pkg:rpm/vmware/zlib?distro=photon-3"
+            }
+        }
+    ],
+    "id": "PHSA-2023-3.0-0674",
+    "modified": "2023-10-27T05:32:05Z",
+    "published": "2023-10-26T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-674"
+        }
+    ],
+    "related": [
+        "CVE-2023-45853"
+    ]
+}
--- a/advisories/PHSA-2023-4.0-0318.json
+++ b/advisories/PHSA-2023-4.0-0318.json
@ -66,7 +66,7 @@
        }
    ],
    "id": "PHSA-2023-4.0-0318",
-    "modified": "2023-09-06T05:30:01Z",
+    "modified": "2023-10-27T05:32:05Z",
    "published": "2023-01-21T00:00:00Z",
    "references": [
        {
@ -82,6 +82,7 @@
        "CVE-2022-42898",
        "CVE-2022-45934",
        "CVE-2022-3545",
-        "CVE-2023-1295"
+        "CVE-2023-1295",
+        "CVE-2022-4696"
    ]
 }
--- a/advisories/PHSA-2023-4.0-0399.json
+++ b/advisories/PHSA-2023-4.0-0399.json
@ -53,10 +53,17 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "curl",
+                "purl": "pkg:rpm/vmware/curl?distro=photon-4"
+            }
        }
    ],
    "id": "PHSA-2023-4.0-0399",
-    "modified": "2023-06-06T05:26:16Z",
+    "modified": "2023-10-27T05:32:05Z",
    "published": "2023-05-31T00:00:00Z",
    "references": [
        {
@ -68,6 +75,7 @@
        "CVE-2023-29383",
        "CVE-2020-8252",
        "CVE-2023-1972",
-        "CVE-2022-4285"
+        "CVE-2022-4285",
+        "CVE-2023-28322"
    ]
 }
--- a/advisories/PHSA-2023-4.0-0496.json
+++ b/advisories/PHSA-2023-4.0-0496.json
@ -6,10 +6,17 @@
                "name": "openssl",
                "purl": "pkg:rpm/vmware/openssl?distro=photon-4"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "nghttp2",
+                "purl": "pkg:rpm/vmware/nghttp2?distro=photon-4"
+            }
        }
    ],
    "id": "PHSA-2023-4.0-0496",
-    "modified": "2023-10-25T14:23:15Z",
+    "modified": "2023-10-27T05:32:05Z",
    "published": "2023-10-25T00:00:00Z",
    "references": [
        {
@ -18,6 +25,7 @@
        }
    ],
    "related": [
-        "CVE-2023-5363"
+        "CVE-2023-5363",
+        "CVE-2023-44487"
    ]
 }
--- a/advisories/PHSA-2023-4.0-0497.json
+++ b/advisories/PHSA-2023-4.0-0497.json
@ -0,0 +1,32 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "zlib",
+                "purl": "pkg:rpm/vmware/zlib?distro=photon-4"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "libtiff",
+                "purl": "pkg:rpm/vmware/libtiff?distro=photon-4"
+            }
+        }
+    ],
+    "id": "PHSA-2023-4.0-0497",
+    "modified": "2023-10-27T05:32:05Z",
+    "published": "2023-10-25T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-497"
+        }
+    ],
+    "related": [
+        "CVE-2023-41175",
+        "CVE-2023-40745",
+        "CVE-2023-45853"
+    ]
+}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit b5395efeb23772c6c037cd73a29ae6a79bd54a08
+Subproject commit c00a1cc101ef5dd542773f12e0dcea3260b292c7