[Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Fix "release notes not ordered properly"

Tue, 20 Dec 2022 16:05:56 -0800 


Ben Hutchings pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7b10624a by Ben Hutchings at 2022-12-21T01:03:11+01:00
data/CVE/list: Fix "release notes not ordered properly"

- - - - -
cd9da6f7 by Ben Hutchings at 2022-12-21T01:03:35+01:00
Reserve DLA-3245-1 for linux

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3123,8 +3123,8 @@ CVE-2022-4416 (A vulnerability was found in RainyGao 
DocSys. It has been declare
 CVE-2022-4415
        RESERVED
        - systemd <unfixed>
-       [buster] - systemd <not-affected> (Vulnerable code introduced later)
        [bullseye] - systemd <no-dsa> (Minor issue; can be fixed via point 
release)
+       [buster] - systemd <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://github.com/systemd/systemd-stable/commit/bb47600aeb38c68c857fbf0ee5f66c3144dd81ce
        NOTE: Affects only v247 and newer, and only if building with libacl 
support
 CVE-2022-4414 (Cross-site Scripting (XSS) - DOM in GitHub repository 
nuxt/framework p ...)
@@ -52851,7 +52851,6 @@ CVE-2022-1526 (A vulnerability, which was classified as 
problematic, was found i
 CVE-2022-29901 (Intel microprocessor generations 6 to 8 are affected by a new 
Spectre  ...)
        {DSA-5207-1 DLA-3102-1}
        - linux 5.18.14-1
-       [buster] - linux <ignored> (Mitigation is too invasive to backport)
        NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
        NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Dec 2022] DLA-3245-1 linux - security update
+       {CVE-2022-2978 CVE-2022-3521 CVE-2022-3524 CVE-2022-3535 CVE-2022-3542 
CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 CVE-2022-3621 CVE-2022-3628 
CVE-2022-3640 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-4378 
CVE-2022-20369 CVE-2022-29901 CVE-2022-40768 CVE-2022-41849 CVE-2022-41850 
CVE-2022-42328 CVE-2022-42329 CVE-2022-42895 CVE-2022-42896 CVE-2022-43750}
+       [buster] - linux 4.19.269-1
 [20 Dec 2022] DLA-3244-1 linux-5.10 - security update
        {CVE-2021-3759 CVE-2022-3169 CVE-2022-3435 CVE-2022-3521 CVE-2022-3524 
CVE-2022-3535 CVE-2022-3542 CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 
CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-4139 CVE-2022-4378 
CVE-2022-41849 CVE-2022-41850 CVE-2022-42328 CVE-2022-42329 CVE-2022-42895 
CVE-2022-42896 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47521}
        [buster] - linux-5.10 5.10.158-2~deb10u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cbcf0ca5db58077f858e18977bddf7c17590dad8...cd9da6f72abaac6b96b60ac0984487a6bf1eb337

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cbcf0ca5db58077f858e18977bddf7c17590dad8...cd9da6f72abaac6b96b60ac0984487a6bf1eb337
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to