Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fcd0fc3e by Moritz Muehlenhoff at 2022-10-24T00:24:19+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -534,11 +534,11 @@ CVE-2022-3629 (A vulnerability was found in Linux Kernel. 
It has been declared a
 CVE-2022-3628
        RESERVED
 CVE-2022-3627 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in 
libtiff/tif ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1022555)
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/411
 CVE-2022-3626 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in 
libtiff/tif ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1022555)
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/426
 CVE-2022-3625 (A vulnerability was found in Linux Kernel. It has been 
classified as c ...)
@@ -559,7 +559,7 @@ CVE-2022-3621 (A vulnerability was found in Linux Kernel. 
It has been classified
        [bullseye] - linux 5.10.148-1
        NOTE: 
https://git.kernel.org/linus/21a87d88c2253350e115029f14fe2a10a7e6c856 (6.1-rc1)
 CVE-2022-3620 (A vulnerability was found in Exim and classified as 
problematic. This  ...)
-       - exim4 <unfixed>
+       - exim4 <unfixed> (bug #1022556)
        [bullseye] - exim4 <not-affected> (Vulnerable code not present)
        [buster] - exim4 <not-affected> (Vulnerable code not present)
        NOTE: Introduced by: 
https://git.exim.org/exim.git/commit/92583637b25b6bde926f9ca6be7b085e5ac8b1e6 
(exim-4.95-RC0)
@@ -610,15 +610,15 @@ CVE-2022-3601
 CVE-2022-3600
        RESERVED
 CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection 
in tools ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1022555)
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/398
 CVE-2022-3598 (LibTIFF 4.4.0 has an out-of-bounds write in 
extractContigSamplesShifte ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1022555)
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/435
 CVE-2022-3597 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in 
libtiff/tif ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1022555)
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/413
 CVE-2021-46846
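Review bot: The three tiff entries in this hunk (CVE-2022-3599, CVE-2022-3598, CVE-2022-3597) all receive `(bug #1022555)`, yet their NOTE lines point at three different upstream commits (e8131125, cfbb883b, 236b7191). A single bug covering several independent fixes makes it easy to mark every entry fixed at once when the bug is closed. When a fixed version replaces `<unfixed>`, each entry should be checked against its own commit rather than updated in bulk.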
@@ -811,7 +811,7 @@ CVE-2022-3572
 CVE-2022-3571
        RESERVED
 CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff 
librar ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1022555)
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/381
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/386
@@ -1663,7 +1663,7 @@ CVE-2022-3555 (A vulnerability was found in X.org libX11 
and classified as probl
        [buster] - libx11 <postponed> (Minor issue)
        NOTE: 
https://gitlab.freedesktop.org/xorg/lib/libx11/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af
 (libX11-1.7.4)
 CVE-2022-3554 (A vulnerability has been found in X.org libX11 and classified 
as probl ...)
-       - libx11 <unfixed>
+       - libx11 <unfixed> (bug #1022560)
        [bullseye] - libx11 <no-dsa> (Minor issue)
        [buster] - libx11 <postponed> (Minor issue)
        NOTE: 
https://gitlab.freedesktop.org/xorg/lib/libx11/commit/1d11822601fd24a396b354fa616b04ed3df8b4ef
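Review bot: The commit NOTE under CVE-2022-3554 carries no upstream release tag, while the CVE-2022-3555 NOTE directly above it ends in `(libX11-1.7.4)`. Now that the entry has a bug reference, adding the release that contains 1d118226 (if it is in a tagged release) to that NOTE would let whoever handles bug #1022560 see which upload resolves `<unfixed>`.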
@@ -49205,7 +49205,7 @@ CVE-2022-0701 (The SEO 301 Meta WordPress plugin 
through 1.9.1 does not escape i
 CVE-2022-0700 (The Simple Tracking WordPress plugin before 1.7 does not 
sanitise and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-0699 (A double-free condition exists in contrib/shpsort.c of shapelib 
1.5.0  ...)
-       - shapelib <unfixed>
+       - shapelib <unfixed> (bug #1022557)
        NOTE: 
https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f
        NOTE: https://github.com/OSGeo/shapelib/issues/39
 CVE-2022-25597 (ASUS RT-AC86U&#8217;s LPD service has insufficient filtering 
for speci ...)
@@ -77011,6 +77011,7 @@ CVE-2021-3863 (snipe-it is vulnerable to Improper 
Neutralization of Input During
        - snipe-it <itp> (bug #1005172)
 CVE-2021-42010
        RESERVED
+       NOT-FOR-US: Apache Heron
 CVE-2021-42009 (An authenticated Apache Traffic Control Traffic Ops user with 
Portal-l ...)
        NOT-FOR-US: Apache Traffic Control
 CVE-2021-3862 (icecoder is vulnerable to Improper Neutralization of Input 
During Web  ...)
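Review bot: The added `NOT-FOR-US: Apache Heron` line under CVE-2021-42010 is a triage decision, not a bug number, so the commit subject "bugnums" does not describe it. It also sits beneath a `RESERVED` marker with no description yet in the list. Either split it into its own commit or extend the message so the product attribution can be found in the history later.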



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcd0fc3e8bd3599153a25565cd6c8917a55a4775


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
