From 6f513c6ddaeadbd3b6ba09fdf3d14fa984e9dd45 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Fri, 27 Oct 2023 05:37:30 +0000 Subject: [PATCH] Update Advisories --- advisories/PHSA-2023-3.0-0673.json | 21 ++++++++++++++++++-- advisories/PHSA-2023-3.0-0674.json | 23 +++++++++++++++++++++ advisories/PHSA-2023-4.0-0318.json | 5 +++-- advisories/PHSA-2023-4.0-0399.json | 12 +++++++++-- advisories/PHSA-2023-4.0-0496.json | 12 +++++++++-- advisories/PHSA-2023-4.0-0497.json | 32 ++++++++++++++++++++++++++++++ photon-wiki | 2 +- 7 files changed, 98 insertions(+), 9 deletions(-) create mode 100644 advisories/PHSA-2023-3.0-0674.json create mode 100644 advisories/PHSA-2023-4.0-0497.json diff --git a/advisories/PHSA-2023-3.0-0673.json b/advisories/PHSA-2023-3.0-0673.json index 3218151..2349784 100644 --- a/advisories/PHSA-2023-3.0-0673.json +++ b/advisories/PHSA-2023-3.0-0673.json @@ -6,10 +6,24 @@ "name": "redis", "purl": "pkg:rpm/vmware/redis?distro=photon-3" } + }, + { + "package": { + "ecosystem": "Photon OS:3.0", + "name": "libtiff", + "purl": "pkg:rpm/vmware/libtiff?distro=photon-3" + } + }, + { + "package": { + "ecosystem": "Photon OS:3.0", + "name": "nghttp2", + "purl": "pkg:rpm/vmware/nghttp2?distro=photon-3" + } } ], "id": "PHSA-2023-3.0-0673", - "modified": "2023-10-26T05:31:58Z", + "modified": "2023-10-27T05:32:05Z", "published": "2023-10-26T00:00:00Z", "references": [ { @@ -18,6 +32,9 @@ } ], "related": [ - "CVE-2023-45145" + "CVE-2023-45145", + "CVE-2023-40745", + "CVE-2023-41175", + "CVE-2023-44487" ] } \ No newline at end of file diff --git a/advisories/PHSA-2023-3.0-0674.json b/advisories/PHSA-2023-3.0-0674.json new file mode 100644 index 0000000..2a50e70 --- /dev/null +++ b/advisories/PHSA-2023-3.0-0674.json @@ -0,0 +1,23 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:3.0", + "name": "zlib", + "purl": "pkg:rpm/vmware/zlib?distro=photon-3" + } + } + ], + "id": "PHSA-2023-3.0-0674", + "modified": "2023-10-27T05:32:05Z", + "published": "2023-10-26T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-674" + } + ], + "related": [ + "CVE-2023-45853" + ] +} \ No newline at end of file diff --git a/advisories/PHSA-2023-4.0-0318.json b/advisories/PHSA-2023-4.0-0318.json index 1344c0e..0d4ef4a 100644 --- a/advisories/PHSA-2023-4.0-0318.json +++ b/advisories/PHSA-2023-4.0-0318.json @@ -66,7 +66,7 @@ } ], "id": "PHSA-2023-4.0-0318", - "modified": "2023-09-06T05:30:01Z", + "modified": "2023-10-27T05:32:05Z", "published": "2023-01-21T00:00:00Z", "references": [ { @@ -82,6 +82,7 @@ "CVE-2022-42898", "CVE-2022-45934", "CVE-2022-3545", - "CVE-2023-1295" + "CVE-2023-1295", + "CVE-2022-4696" ] } \ No newline at end of file diff --git a/advisories/PHSA-2023-4.0-0399.json b/advisories/PHSA-2023-4.0-0399.json index aa6425a..4bc3a02 100644 --- a/advisories/PHSA-2023-4.0-0399.json +++ b/advisories/PHSA-2023-4.0-0399.json @@ -53,10 +53,17 @@ ], "type": "ECOSYSTEM" } + }, + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "curl", + "purl": "pkg:rpm/vmware/curl?distro=photon-4" + } } ], "id": "PHSA-2023-4.0-0399", - "modified": "2023-06-06T05:26:16Z", + "modified": "2023-10-27T05:32:05Z", "published": "2023-05-31T00:00:00Z", "references": [ { @@ -68,6 +75,7 @@ "CVE-2023-29383", "CVE-2020-8252", "CVE-2023-1972", - "CVE-2022-4285" + "CVE-2022-4285", + "CVE-2023-28322" ] } \ No newline at end of file diff --git a/advisories/PHSA-2023-4.0-0496.json b/advisories/PHSA-2023-4.0-0496.json index 4db80ec..7eece67 100644 --- a/advisories/PHSA-2023-4.0-0496.json +++ b/advisories/PHSA-2023-4.0-0496.json @@ -6,10 +6,17 @@ "name": "openssl", "purl": "pkg:rpm/vmware/openssl?distro=photon-4" } + }, + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "nghttp2", + "purl": "pkg:rpm/vmware/nghttp2?distro=photon-4" + } } ], "id": "PHSA-2023-4.0-0496", - "modified": "2023-10-25T14:23:15Z", + "modified": "2023-10-27T05:32:05Z", "published": "2023-10-25T00:00:00Z", "references": [ { @@ -18,6 +25,7 @@ } ], "related": [ - "CVE-2023-5363" + "CVE-2023-5363", + "CVE-2023-44487" ] } \ No newline at end of file diff --git a/advisories/PHSA-2023-4.0-0497.json b/advisories/PHSA-2023-4.0-0497.json new file mode 100644 index 0000000..5cef462 --- /dev/null +++ b/advisories/PHSA-2023-4.0-0497.json @@ -0,0 +1,32 @@ +{ + "affected": [ + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "zlib", + "purl": "pkg:rpm/vmware/zlib?distro=photon-4" + } + }, + { + "package": { + "ecosystem": "Photon OS:4.0", + "name": "libtiff", + "purl": "pkg:rpm/vmware/libtiff?distro=photon-4" + } + } + ], + "id": "PHSA-2023-4.0-0497", + "modified": "2023-10-27T05:32:05Z", + "published": "2023-10-25T00:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-497" + } + ], + "related": [ + "CVE-2023-41175", + "CVE-2023-40745", + "CVE-2023-45853" + ] +} \ No newline at end of file diff --git a/photon-wiki b/photon-wiki index b5395ef..c00a1cc 160000 --- a/photon-wiki +++ b/photon-wiki @@ -1 +1 @@ -Subproject commit b5395efeb23772c6c037cd73a29ae6a79bd54a08 +Subproject commit c00a1cc101ef5dd542773f12e0dcea3260b292c7