Ben Hutchings pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7b10624a by Ben Hutchings at 2022-12-21T01:03:11+01:00 data/CVE/list: Fix "release notes not ordered properly" - - - - - cd9da6f7 by Ben Hutchings at 2022-12-21T01:03:35+01:00 Reserve DLA-3245-1 for linux - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== @@ -3123,8 +3123,8 @@ CVE-2022-4416 (A vulnerability was found in RainyGao DocSys. It has been declare CVE-2022-4415 RESERVED - systemd <unfixed> - [buster] - systemd <not-affected> (Vulnerable code introduced later) [bullseye] - systemd <no-dsa> (Minor issue; can be fixed via point release) + [buster] - systemd <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: https://github.com/systemd/systemd-stable/commit/bb47600aeb38c68c857fbf0ee5f66c3144dd81ce NOTE: Affects only v247 and newer, and only if building with libacl support CVE-2022-4414 (Cross-site Scripting (XSS) - DOM in GitHub repository nuxt/framework p ...) @@ -52851,7 +52851,6 @@ CVE-2022-1526 (A vulnerability, which was classified as problematic, was found i CVE-2022-29901 (Intel microprocessor generations 6 to 8 are affected by a new Spectre ...) {DSA-5207-1 DLA-3102-1} - linux 5.18.14-1 - [buster] - linux <ignored> (Mitigation is too invasive to backport) NOTE: https://comsec.ethz.ch/research/microarch/retbleed/ NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_sec22.pdf NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00702.html ===================================== data/DLA/list ===================================== @@ -1,3 +1,6 @@ +[21 Dec 2022] DLA-3245-1 linux - security update + {CVE-2022-2978 CVE-2022-3521 CVE-2022-3524 CVE-2022-3535 CVE-2022-3542 CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 CVE-2022-3621 CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-3646 CVE-2022-3649 CVE-2022-4378 CVE-2022-20369 CVE-2022-29901 CVE-2022-40768 CVE-2022-41849 CVE-2022-41850 CVE-2022-42328 CVE-2022-42329 CVE-2022-42895 CVE-2022-42896 CVE-2022-43750} + [buster] - linux 4.19.269-1 [20 Dec 2022] DLA-3244-1 linux-5.10 - security update {CVE-2021-3759 CVE-2022-3169 CVE-2022-3435 CVE-2022-3521 CVE-2022-3524 CVE-2022-3535 CVE-2022-3542 CVE-2022-3564 CVE-2022-3565 CVE-2022-3594 CVE-2022-3628 CVE-2022-3640 CVE-2022-3643 CVE-2022-4139 CVE-2022-4378 CVE-2022-41849 CVE-2022-41850 CVE-2022-42328 CVE-2022-42329 CVE-2022-42895 CVE-2022-42896 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47521} [buster] - linux-5.10 5.10.158-2~deb10u1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cbcf0ca5db58077f858e18977bddf7c17590dad8...cd9da6f72abaac6b96b60ac0984487a6bf1eb337 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/cbcf0ca5db58077f858e18977bddf7c17590dad8...cd9da6f72abaac6b96b60ac0984487a6bf1eb337 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits