Update Advisories

2023-11-07 05:37:20 +00:00 · 2023-11-07 05:37:20 +00:00 · a62b984889
parent eca8a7b0ba
commit a62b984889
7 changed files with 108 additions and 9 deletions
--- a/advisories/PHSA-2023-3.0-0601.json
+++ b/advisories/PHSA-2023-3.0-0601.json
@ -77,7 +77,7 @@
        }
    ],
    "id": "PHSA-2023-3.0-0601",
-    "modified": "2023-09-13T05:31:06Z",
+    "modified": "2023-11-07T05:32:03Z",
    "published": "2023-06-20T00:00:00Z",
    "references": [
        {
@ -327,6 +327,16 @@
        "CVE-2017-14934",
        "CVE-2017-14128",
        "CVE-2018-18607",
-        "CVE-2022-28805"
+        "CVE-2022-28805",
+        "CVE-2019-17498",
+        "CVE-2021-43519",
+        "CVE-2020-24371",
+        "CVE-2021-44647",
+        "CVE-2022-33099",
+        "CVE-2020-15945",
+        "CVE-2019-6706",
+        "CVE-2020-24369",
+        "CVE-2020-24370",
+        "CVE-2020-15888"
    ]
 }
--- a/advisories/PHSA-2023-3.0-0681.json
+++ b/advisories/PHSA-2023-3.0-0681.json
@ -24,10 +24,24 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "python-cryptography",
+                "purl": "pkg:rpm/vmware/python-cryptography?distro=photon-3"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "grub2",
+                "purl": "pkg:rpm/vmware/grub2?distro=photon-3"
+            }
        }
    ],
    "id": "PHSA-2023-3.0-0681",
-    "modified": "2023-11-05T05:31:35Z",
+    "modified": "2023-11-07T05:32:03Z",
    "published": "2023-11-04T00:00:00Z",
    "references": [
        {
@ -37,6 +51,9 @@
    ],
    "related": [
        "CVE-2021-28235",
-        "CVE-2023-32082"
+        "CVE-2023-32082",
+        "CVE-2023-23931",
+        "CVE-2023-4693",
+        "CVE-2023-4692"
    ]
 }
--- a/advisories/PHSA-2023-3.0-0683.json
+++ b/advisories/PHSA-2023-3.0-0683.json
@ -0,0 +1,31 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "zchunk",
+                "purl": "pkg:rpm/vmware/zchunk?distro=photon-3"
+            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:3.0",
+                "name": "librdkafka",
+                "purl": "pkg:rpm/vmware/librdkafka?distro=photon-3"
+            }
+        }
+    ],
+    "id": "PHSA-2023-3.0-0683",
+    "modified": "2023-11-07T05:32:03Z",
+    "published": "2023-11-06T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-3.0-683"
+        }
+    ],
+    "related": [
+        "CVE-2021-3520",
+        "CVE-2023-46228"
+    ]
+}
--- a/advisories/PHSA-2023-4.0-0505.json
+++ b/advisories/PHSA-2023-4.0-0505.json
@ -24,10 +24,17 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "grub2",
+                "purl": "pkg:rpm/vmware/grub2?distro=photon-4"
+            }
        }
    ],
    "id": "PHSA-2023-4.0-0505",
-    "modified": "2023-11-05T05:31:35Z",
+    "modified": "2023-11-07T05:32:03Z",
    "published": "2023-11-04T00:00:00Z",
    "references": [
        {
@ -37,6 +44,8 @@
    ],
    "related": [
        "CVE-2021-28235",
-        "CVE-2023-32082"
+        "CVE-2023-32082",
+        "CVE-2023-4693",
+        "CVE-2023-4692"
    ]
 }
--- a/advisories/PHSA-2023-4.0-0506.json
+++ b/advisories/PHSA-2023-4.0-0506.json
@ -24,10 +24,17 @@
                ],
                "type": "ECOSYSTEM"
            }
+        },
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "gdk-pixbuf",
+                "purl": "pkg:rpm/vmware/gdk-pixbuf?distro=photon-4"
+            }
        }
    ],
    "id": "PHSA-2023-4.0-0506",
-    "modified": "2023-11-07T03:37:38Z",
+    "modified": "2023-11-07T05:32:03Z",
    "published": "2023-11-05T00:00:00Z",
    "references": [
        {
@ -36,6 +43,8 @@
        }
    ],
    "related": [
-        "CVE-2023-46316"
+        "CVE-2023-46316",
+        "CVE-2020-29385",
+        "CVE-2021-44648"
    ]
 }
--- a/advisories/PHSA-2023-4.0-0507.json
+++ b/advisories/PHSA-2023-4.0-0507.json
@ -0,0 +1,23 @@
+{
+    "affected": [
+        {
+            "package": {
+                "ecosystem": "Photon OS:4.0",
+                "name": "zchunk",
+                "purl": "pkg:rpm/vmware/zchunk?distro=photon-4"
+            }
+        }
+    ],
+    "id": "PHSA-2023-4.0-0507",
+    "modified": "2023-11-07T05:32:03Z",
+    "published": "2023-11-06T00:00:00Z",
+    "references": [
+        {
+            "type": "ADVISORY",
+            "url": "https://github.com/vmware/photon/wiki/Security-Update-4.0-507"
+        }
+    ],
+    "related": [
+        "CVE-2023-46228"
+    ]
+}
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit af85db2553f15ae7e06a0ba1d42f2a76e8aafdc8
+Subproject commit e888807d5b9ecb41c639422758c1b771c4b14917