Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2e21f566 by Moritz Muehlenhoff at 2022-04-06T15:30:05+02:00 buster/bullseye triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1600,11 +1600,15 @@ CVE-2022-1116 CVE-2022-1115 RESERVED - imagemagick <unfixed> + [bullseye] - imagemagick <no-dsa> (Minor issue) + [buster] - imagemagick <no-dsa> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/4974 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51 CVE-2022-1114 RESERVED - imagemagick <unfixed> + [bullseye] - imagemagick <no-dsa> (Minor issue) + [buster] - imagemagick <no-dsa> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/4947 NOTE: https://github.com/ImageMagick/ImageMagick6/commit/78f03b619d08d7c2e0fcaccab407e3ac93c2ee8f CVE-2022-1113 @@ -10379,6 +10383,7 @@ CVE-2022-24804 RESERVED CVE-2022-24803 (Asciidoctor-include-ext is Asciidoctor’s standard include proces ...) - ruby-asciidoctor-include-ext <unfixed> (bug #1009035) + [bullseye] - ruby-asciidoctor-include-ext <no-dsa> (Minor issue) NOTE: https://github.com/jirutka/asciidoctor-include-ext/security/advisories/GHSA-v222-6mr4-qj29 NOTE: https://github.com/jirutka/asciidoctor-include-ext/commit/c7ea001a597c7033575342c51483dab7b87ae155 (v0.4.0) NOTE: https://github.com/jirutka/asciidoctor-include-ext/commit/cbaccf3de533cbca224bf61d0b74e4b84d41d8ee (v0.4.0) @@ -10632,14 +10637,20 @@ CVE-2022-24717 (ssr-pages is an HTML page builder for the purpose of server-side NOT-FOR-US: ssr-pages CVE-2022-24716 (Icinga Web 2 is an open source monitoring web interface, framework and ...) - icingaweb2 2.9.6-1 + [bullseye] - icingaweb2 <not-affected> (Vulnerable code not present) + [buster] - icingaweb2 <not-affected> (Vulnerable code not present) NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-5p3f-rh28-8frw NOTE: https://github.com/Icinga/icingaweb2/commit/9931ed799650f5b8d5e1dc58ea3415a4cdc5773d CVE-2022-24715 (Icinga Web 2 is an open source monitoring web interface, framework and ...) - icingaweb2 2.9.6-1 + [bullseye] - icingaweb2 <no-dsa> (Minor issue) + [buster] - icingaweb2 <no-dsa> (Minor issue) NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-v9mv-h52f-7g63 NOTE: https://github.com/Icinga/icingaweb2/commit/a06d915467ca943a4b406eb9587764b8ec34cafb CVE-2022-24714 (Icinga Web 2 is an open source monitoring web interface, framework and ...) - icingaweb2 2.9.6-1 + [bullseye] - icingaweb2 <no-dsa> (Minor issue) + [buster] - icingaweb2 <no-dsa> (Minor issue) NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-qcmg-vr56-x9wf NOTE: https://github.com/Icinga/icingaweb2/commit/6e989d05a1568a6733a3d912001251acc51d9293 CVE-2022-24713 (regex is an implementation of regular expressions for the Rust languag ...) @@ -12349,9 +12360,10 @@ CVE-2022-24193 (CasaOS before v0.2.7 was discovered to contain a command injecti CVE-2022-24192 RESERVED CVE-2022-24191 (In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can l ...) - - htmldoc 1.9.15-1 + - htmldoc 1.9.15-1 (unimportant) NOTE: https://github.com/michaelrsweet/htmldoc/commit/fb0334a51300988e9b83b9870d4063e86002b077 (v1.9.15) NOTE: https://github.com/michaelrsweet/htmldoc/issues/470 + NOTE: Hang in CLI tool, no security impact CVE-2022-24190 RESERVED CVE-2022-24189 @@ -55417,7 +55429,11 @@ CVE-2021-33658 (atune before 0.3-0.8 log in as a local user and run the curl com NOT-FOR-US: A-Tune OS tuning engine CVE-2021-33657 (There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple ...) - libsdl1.2 <unfixed> + [bullseye] - libsdl1.2 <no-dsa> (Minor issue) + [buster] - libsdl1.2 <no-dsa> (Minor issue) - libsdl2 2.0.20+dfsg-2 + [bullseye] - libsdl2 <no-dsa> (Minor issue) + [buster] - libsdl2 <no-dsa> (Minor issue) NOTE: https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9 (release-2.0.20) CVE-2021-33656 RESERVED View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e21f56693fa9d0158ec05f427ab99c9bcb7f54f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e21f56693fa9d0158ec05f427ab99c9bcb7f54f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits