!32 新增2023年07月安全公告

Merge pull request !32 from wangchen/0706

!32 新增2023年07月安全公告
Merge pull request !32 from wangchen/0706
98704feb · mamingshuai · Gitee · 29df391b · 5fa017a1 · 98704feb
4 changed file
--- a/en/security-disclosure/2023/2023-07.md
+++ b/en/security-disclosure/2023/2023-07.md
+## Security Vulnerabilities in July 2023
+_published July 4,2023_<br/>
+_updated July 4,2023_
+
+### The following table lists the third-party library vulnerabilities with only the CVE, severity, and affected OpenHarmony versions provided. For more details, see the security bulletins released by third-parties.
+| CVE | severity | CVSS3.1 | affected repository |affected OpenHarmony versions | fix link |
+| --- | -------- | ------- | --------------------| ---------------------------- | -------- |
+| CVE-2023-32665 | Medium | 5.5 |third_party_glib    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-32611 | Low | 3.5 |third_party_glib    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-32636 | Low | 3.5 |third_party_glib    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-32643 | Medium | 5.5 |third_party_glib    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-2930  | High | 8.8 |third_party_chromium| OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2941  | Medium | 4.3 |third_party_chromium| OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2940  | Medium | 6.5 |third_party_chromium| OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2935  | High | 8.8 |third_party_chromium| OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2936  | High | 8.8 |third_party_chromium| OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2650  | High | 7.5 |third_party_openssl | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8| [3.2.x](https://gitee.com/openharmony/third_party_openssl/pulls/117)<br/>[3.1.x](https://gitee.com/openharmony/third_party_openssl/pulls/119)<br/>[3.0.x](https://gitee.com/openharmony/third_party_openssl/pulls/118) |
+| CVE-2023-28321 | Medium | 5.6 |third_party_curl    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/135)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/139)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/140) |
+| CVE-2023-28322 | Medium | 4.8 |third_party_curl    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/135)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/139)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/140) |
+| CVE-2023-28320 | Medium | 5.9 |third_party_curl    | OpenHarmony-v3.2-Release through OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release through OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0 through OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/135)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/139)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/140) |
+| CVE-2023-2513  | Medium | 6.7 |kernel_linux_5.10   | OpenHarmony-v3.2-Release | [3.2.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/897) |
+| CVE-2023-2459  | Medium | 5.3 |third_party_chromium| OpenHarmony-v3.2-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/776) |
+| CVE-2023-2162  | Medium | 5.5 |kernel_linux_5.10   | OpenHarmony-v3.2-Release | [3.2.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/896) |
\ No newline at end of file
--- a/en/security-disclosure/README.md
+++ b/en/security-disclosure/README.md
@@ -2,6 +2,7 @@

 This document describes the security vulnerabilities of OpenHarmony.
 ## Security Vulnerabilities in 2023
+**[Security Vulnerabilities in July](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-07.md)**  
 **[Security Vulnerabilities in June](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-06.md)**  
 **[Security Vulnerabilities in May](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-05.md)**  
 **[Security Vulnerabilities in April](https://gitee.com/openharmony/security/blob/master/en/security-disclosure/2023/2023-04.md)**  

--- a/zh/security-disclosure/2023/2023-07.md
+++ b/zh/security-disclosure/2023/2023-07.md
+## 2023年07月安全漏洞
+_发布于2023.07.04_<br/>
+_最后更新于2023.07.04_
+
+### 以下为三方库漏洞，只提供CVE、严重程度、受影响的OpenHarmony版本，详细信息请参考三方公告。
+| CVE            | 严重程度 | CVSS 3.1得分 |受影响的仓库 | 受影响的OpenHarmony版本                                      | 修复链接                                               |
+| -------------- | -------- | ------------ |-------------| ------------------------------------------------------------ | ------------------------------------------------------ |
+| CVE-2023-32665 | 中 | 5.5 |third_party_glib    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-32611 | 低 | 3.5 |third_party_glib    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-32636 | 低 | 3.5 |third_party_glib    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-32643 | 中 | 5.5 |third_party_glib    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>            | [3.2.x](https://gitee.com/openharmony/third_party_glib/pulls/49)<br/>[3.1.x](https://gitee.com/openharmony/third_party_glib/pulls/48) |
+| CVE-2023-2930  | 高 | 8.8 |third_party_chromium| OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2941  | 中 | 4.3 |third_party_chromium| OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2940  | 中 | 6.5 |third_party_chromium| OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2935  | 高 | 8.8 |third_party_chromium| OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2936  | 高 | 8.8 |third_party_chromium| OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/814)           |
+| CVE-2023-2650  | 高 | 7.5 |third_party_openssl | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8| [3.2.x](https://gitee.com/openharmony/third_party_openssl/pulls/117)<br/>[3.1.x](https://gitee.com/openharmony/third_party_openssl/pulls/119)<br/>[3.0.x](https://gitee.com/openharmony/third_party_openssl/pulls/118) |
+| CVE-2023-28321 | 中 | 5.6 |third_party_curl    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/135)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/139)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/140) |
+| CVE-2023-28322 | 中 | 4.8 |third_party_curl    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/135)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/139)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/140) |
+| CVE-2023-28320 | 中 | 5.9 |third_party_curl    | OpenHarmony-v3.2-Release到OpenHarmony-v3.2.1-Release<br/>OpenHarmony-v3.1-Release到OpenHarmony-v3.1.7-Release<br/>OpenHarmony-v3.0到OpenHarmony-v3.0.8 | [3.2.x](https://gitee.com/openharmony/third_party_curl/pulls/135)<br/>[3.1.x](https://gitee.com/openharmony/third_party_curl/pulls/139)<br/>[3.0.x](https://gitee.com/openharmony/third_party_curl/pulls/140) |
+| CVE-2023-2513  | 中 | 6.7 |kernel_linux_5.10   | OpenHarmony-v3.2-Release | [3.2.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/897) |
+| CVE-2023-2459  | 中 | 5.3 |third_party_chromium| OpenHarmony-v3.2-Release | [3.2.x](https://gitee.com/openharmony/web_webview/pulls/776) |
+| CVE-2023-2162  | 中 | 5.5 |kernel_linux_5.10   | OpenHarmony-v3.2-Release | [3.2.x](https://gitee.com/openharmony/kernel_linux_5.10/pulls/896) |
--- a/zh/security-disclosure/README.md
+++ b/zh/security-disclosure/README.md
@@ -2,6 +2,7 @@

 本文档主要发布OpenHarmony软件的安全漏洞公告。
 ## 2023年安全漏洞
+**[2023年07月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-07.md)** 
 **[2023年06月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-06.md)**  
 **[2023年05月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-05.md)**  
 **[2023年04月安全漏洞](https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2023/2023-04.md)**