!31 新增2023年06月安全公告

Merge pull request !31 from 乔克叔叔/master

!31 新增2023年06月安全公告
Merge pull request !31 from 乔克叔叔/master
29df391b · mamingshuai · Gitee · 62e42fe4 · 82f3ae30 · 29df391b
4 changed file
--- a/en/security-disclosure/2023/2023-06.md
+++ b/en/security-disclosure/2023/2023-06.md
+## Security Vulnerabilities in June 2023
+
+_published June 2,2023_<br/>
+_updated June 2,2023_
+
+### The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.
+
+| CVE            | severity | CVSS 3.1 | affected OpenHarmony versions                                | fix links                                                    |
+| -------------- | -------- | -------- | ------------------------------------------------------------ | ------------------------------------------------------------ |
+| CVE-2023-27533 | High     | 8.8      | OpenHarmony-v3.2-Release<br />OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/128)<br />[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27534 | High     | 8.8      | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27535 | High     | 7.5      | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27536 | Critical | 9.8      | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27538 | Medium   | 5.5      | OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-29469 | Medium   | 5.9      | OpenHarmony-v3.2-Release<br />OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_libxml2/pulls/44)<br />[3.1.x](https://gitee.com/openharmony/third_party_libxml2/pulls/45)<br/>[3.0.x](https://gitee.com/openharmony/third_party_libxml2/pulls/46) |
+| CVE-2023-28484 | Medium   | 5.9      | OpenHarmony-v3.2-Release<br />OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_libxml2/pulls/44)<br />[3.1.x](https://gitee.com/openharmony/third_party_libxml2/pulls/45)<br/>[3.0.x](https://gitee.com/openharmony/third_party_libxml2/pulls/46) |
+
+### The following are the security patch labels for each maintenance version. Please update the security patch labels while incorporating the corresponding security patches.
+
+<table>
+	<tr>
+		<td style="font-weight: bold">Security patch label</td>
+		<td style="font-weight: bold">fix links</td>
+	</tr>
+	<tr>
+		<td rowspan="3">June 2023</td>
+		<td><a href="https://gitee.com/openharmony/startup_init/pulls/2020">[3.2.x]</a></td>
+	</tr>
+	<tr>
+		<td><a href="https://gitee.com/openharmony/startup_syspara_lite/pulls/239">[3.1.x]</a><br /><a href="https://gitee.com/openharmony/startup_init/pulls/2007">[3.1.x]</a></td>
+	</tr>
+	<tr>
+		<td><a href="https://gitee.com/openharmony/startup_syspara_lite/pulls/238">[3.0.x]</a></td>
+	</tr>
+</table>
\ No newline at end of file
--- a/en/security-disclosure/README.md
+++ b/en/security-disclosure/README.md
@@ -2,6 +2,7 @@

 This document describes the security vulnerabilities of OpenHarmony.
 ## Security Vulnerabilities in 2023
+**[Security Vulnerabilities in June](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-06.md)**  
 **[Security Vulnerabilities in May](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-05.md)**  
 **[Security Vulnerabilities in April](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-04.md)**  
 **[Security Vulnerabilities in March](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-03.md)**  

--- a/zh/security-disclosure/2023/2023-06.md
+++ b/zh/security-disclosure/2023/2023-06.md
+## 2023年06月安全漏洞
+
+_发布于2023.06.02_<br/>
+_最后更新于2023.06.02_
+
+### 以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。
+
+| CVE            | 严重程度 | CVSS 3.1得分 | 受影响的OpenHarmony版本                                      | 修复链接                                                     |
+| -------------- | -------- | ------------ | ------------------------------------------------------------ | ------------------------------------------------------------ |
+| CVE-2023-27533 | 高       | 8.8          | OpenHarmony-v3.2-Release<br />OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_libxml2/pulls/44)<br />[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27534 | 高       | 8.8          | OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27535 | 高       | 7.5          | OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27536 | 严重     | 9.8          | OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-27538 | 中       | 5.5          | OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/130)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/131) |
+| CVE-2023-29469 | 中       | 5.9          | OpenHarmony-v3.2-Release<br />OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_libxml2/pulls/44)<br />[3.1.x](https://gitee.com/openharmony/third_party_libxml2/pulls/45)<br/>[3.0.x](https://gitee.com/openharmony/third_party_libxml2/pulls/46) |
+| CVE-2023-28484 | 中       | 5.9          | OpenHarmony-v3.2-Release<br />OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_libxml2/pulls/44)<br />[3.1.x](https://gitee.com/openharmony/third_party_libxml2/pulls/45)<br/>[3.0.x](https://gitee.com/openharmony/third_party_libxml2/pulls/46) |
+
+### 如下是各维护版本的安全补丁标签，请在合入对应安全补丁的同时，更新安全补丁标签。
+
+<table>
+	<tr>
+		<td style="font-weight: bold">安全补丁标签</td>
+		<td style="font-weight: bold">链接</td>
+	</tr>
+	<tr>
+		<td rowspan="3">2023年6月</td>
+		<td><a href="https://gitee.com/openharmony/startup_init/pulls/2020">[3.2.x]</a></td>
+	</tr>
+	<tr>
+		<td><a href="https://gitee.com/openharmony/startup_syspara_lite/pulls/239">[3.1.x]</a><br /><a href="https://gitee.com/openharmony/startup_init/pulls/2007">[3.1.x]</a></td>
+	</tr>
+	<tr>
+		<td><a href="https://gitee.com/openharmony/startup_syspara_lite/pulls/238">[3.0.x]</a></td>
+	</tr>
+</table>
\ No newline at end of file
--- a/zh/security-disclosure/README.md
+++ b/zh/security-disclosure/README.md
@@ -2,6 +2,7 @@

 本文档主要发布OpenHarmony软件的安全漏洞公告。
 ## 2023年安全漏洞
+**[2023年06月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-06.md)**  
 **[2023年05月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-05.md)**  
 **[2023年04月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-04.md)**  
 **[2023年03月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-03.md)**