Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: fcd0fc3e by Moritz Muehlenhoff at 2022-10-24T00:24:19+02:00 bugnums - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -534,11 +534,11 @@ CVE-2022-3629 (A vulnerability was found in Linux Kernel. It has been declared a CVE-2022-3628 RESERVED CVE-2022-3627 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif ...) - - tiff <unfixed> + - tiff <unfixed> (bug #1022555) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/411 CVE-2022-3626 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif ...) - - tiff <unfixed> + - tiff <unfixed> (bug #1022555) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/426 CVE-2022-3625 (A vulnerability was found in Linux Kernel. It has been classified as c ...) @@ -559,7 +559,7 @@ CVE-2022-3621 (A vulnerability was found in Linux Kernel. It has been classified [bullseye] - linux 5.10.148-1 NOTE: https://git.kernel.org/linus/21a87d88c2253350e115029f14fe2a10a7e6c856 (6.1-rc1) CVE-2022-3620 (A vulnerability was found in Exim and classified as problematic. This ...) - - exim4 <unfixed> + - exim4 <unfixed> (bug #1022556) [bullseye] - exim4 <not-affected> (Vulnerable code not present) [buster] - exim4 <not-affected> (Vulnerable code not present) NOTE: Introduced by: https://git.exim.org/exim.git/commit/92583637b25b6bde926f9ca6be7b085e5ac8b1e6 (exim-4.95-RC0) 
@@ -610,15 +610,15 @@ CVE-2022-3601 CVE-2022-3600 RESERVED CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools ...) - - tiff <unfixed> + - tiff <unfixed> (bug #1022555) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/398 CVE-2022-3598 (LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifte ...) - - tiff <unfixed> + - tiff <unfixed> (bug #1022555) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff NOTE: https://gitlab.com/libtiff/libtiff/-/issues/435 CVE-2022-3597 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif ...) - - tiff <unfixed> + - tiff <unfixed> (bug #1022555) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/413 CVE-2021-46846 @@ -811,7 +811,7 @@ CVE-2022-3572 CVE-2022-3571 RESERVED CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff librar ...) - - tiff <unfixed> + - tiff <unfixed> (bug #1022555) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/bd94a9b383d8755a27b5a1bc27660b8ad10b094c NOTE: https://gitlab.com/libtiff/libtiff/-/issues/381 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/386 @@ -1663,7 +1663,7 @@ CVE-2022-3555 (A vulnerability was found in X.org libX11 and classified as probl [buster] - libx11 <postponed> (Minor issue) NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/8a368d808fec166b5fb3dfe6312aab22c7ee20af (libX11-1.7.4) CVE-2022-3554 (A vulnerability has been found in X.org libX11 and classified as probl ...) - - libx11 <unfixed> + - libx11 <unfixed> (bug #1022560) [bullseye] - libx11 <no-dsa> (Minor issue) [buster] - libx11 <postponed> (Minor issue) NOTE: https://gitlab.freedesktop.org/xorg/lib/libx11/commit/1d11822601fd24a396b354fa616b04ed3df8b4ef 
@@ -49205,7 +49205,7 @@ CVE-2022-0701 (The SEO 301 Meta WordPress plugin through 1.9.1 does not escape i CVE-2022-0700 (The Simple Tracking WordPress plugin before 1.7 does not sanitise and ...) NOT-FOR-US: WordPress plugin CVE-2022-0699 (A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 ...) - - shapelib <unfixed> + - shapelib <unfixed> (bug #1022557) NOTE: https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f NOTE: https://github.com/OSGeo/shapelib/issues/39 CVE-2022-25597 (ASUS RT-AC86U’s LPD service has insufficient filtering for speci ...) @@ -77011,6 +77011,7 @@ CVE-2021-3863 (snipe-it is vulnerable to Improper Neutralization of Input During - snipe-it <itp> (bug #1005172) CVE-2021-42010 RESERVED + NOT-FOR-US: Apache Heron CVE-2021-42009 (An authenticated Apache Traffic Control Traffic Ops user with Portal-l ...) NOT-FOR-US: Apache Traffic Control CVE-2021-3862 (icecoder is vulnerable to Improper Neutralization of Input During Web ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcd0fc3e8bd3599153a25565cd6c8917a55a4775 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcd0fc3e8bd3599153a25565cd6c8917a55a4775 You're receiving this email because of your account on salsa.debian.org.
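Review bot: In the hunk at @@ -534,11 +534,11 @@, and again at @@ -610,15 +610,15 @@ and @@ -811,7 +811,7 @@, six separate entries (CVE-2022-3627, CVE-2022-3626, CVE-2022-3599, CVE-2022-3598, CVE-2022-3597, CVE-2022-3570) are all pointed at the single bug #1022555, although their NOTE lines reference four different upstream libtiff commits. Please confirm that the bug report lists all six CVEs, so that it is not closed by an upload that carries only some of those commits; if it does not, one bug per upstream fix would make the `- tiff <unfixed>` lines easier to resolve individually.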
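Review bot: In the last hunk (@@ -77011,6 +77011,7 @@), the added `NOT-FOR-US: Apache Heron` line under CVE-2021-42010 is a triage classification rather than a bug number, so it is not covered by the commit message "bugnums". Consider putting it in its own commit or extending the message so the classification can be found in the history. The entry is still marked RESERVED with no description in the visible lines, so it is also worth checking that the tracker tooling keeps the NOT-FOR-US tag once the description is published.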