proj: curl
subj: [vs-plain] : curl: CVE-2023-32001: fopen race condition
trep: Wed Jul 12 08:17:32 2023
tcrd: July 19 2023
cves: CVE-2023-32001
toss: Wed Jul 19 06:31:07 2023
loss: https://www.openwall.com/lists/oss-security/2023/07/19/1
soss: [oss-security] curl: fopen race condition: CVE-2023-32001

proj: AMD Zen2
subj: [vs-plain] CVE-2023-20593: A use-after-free in AMD Zen2 Processors
trep: Sat Jul 22 17:42:37 2023
tcrd: current plan is Monday
cves: CVE-2023-20593
lpub: https://lore.kernel.org/linux-firmware/20230718231959.3163407-1-john.allen@amd.com/T/#maa00a9e4b26bcdbf0370b24bdb082639ad0b8dd6
tpub: Wed Jul 19 19:18:19 2023
toss: Mon Jul 24 14:28:36 2023
loss: https://www.openwall.com/lists/oss-security/2023/07/24/1
soss: [oss-security] CVE-2023-20593: A use-after-free in AMD Zen2 Processors

proj: Cargo
subj: [vs-plain] CVE-2023-38497: Cargo does not respect the umask when extracting dependencies
trep: Mon Jul 31 09:31:14 2023
tcrd: August 3rd, 2023 at 12pm UTC
cves: CVE-2023-38497
toss: Thu Aug 03 12:06:04 2023
loss: https://www.openwall.com/lists/oss-security/2023/08/03/2
soss: [oss-security] CVE-2023-38497: Cargo does not respect umask when extracting packages