[Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2023-0341 in editorconfig-core for buster LTS.

Chris Lamb (@lamby) Wed, 01 Feb 2023 08:07:03 -0800


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker



Commits:
05ecf8ae by Chris Lamb at 2023-02-01T08:05:23-08:00
Triage CVE-2023-0341 in editorconfig-core for buster LTS.

- - - - -
0433f650 by Chris Lamb at 2023-02-01T08:05:45-08:00
Triage CVE-2022-40152 in libwoodstox-java for buster LTS.

- - - - -
8df4ca80 by Chris Lamb at 2023-02-01T08:06:12-08:00
Triage CVE-2022-47021 in opusfile for buster LTS.

- - - - -
5bc2df27 by Chris Lamb at 2023-02-01T08:06:32-08:00
Triage CVE-2023-22745 in tpm2-tss for buster LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3359,6 +3359,7 @@ CVE-2023-0342
 CVE-2023-0341 (A stack buffer overflow exists in the ec_glob function of 
editorconfig ...)
        - editorconfig-core 0.12.6-0.1
        [bullseye] - editorconfig-core <no-dsa> (Minor issue)
+       [buster] - editorconfig-core <no-dsa> (Minor issue)
        NOTE: https://github.com/editorconfig/editorconfig-core-c/pull/87
        NOTE: 
https://github.com/editorconfig/editorconfig-core-c/commit/41281ea82fbf24b060a9f69b9c5369350fb0529e
 CVE-2023-0340
@@ -6342,6 +6343,7 @@ CVE-2023-22746
 CVE-2023-22745 (tpm2-tss is an open source software implementation of the 
Trusted Comp ...)
        - tpm2-tss <unfixed> (bug #1029369)
        [bullseye] - tpm2-tss <no-dsa> (Minor issue)
+       [buster] - tpm2-tss <no-dsa> (Minor issue)
        NOTE: Fixed by: 
https://github.com/tpm2-software/tpm2-tss/commit/306490c8d848c367faa2d9df81f5e69dab46ffb5
        NOTE: 
https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67
 CVE-2023-22744
@@ -12530,6 +12532,7 @@ CVE-2022-47022
 CVE-2022-47021 (A null pointer dereference issue was discovered in functions 
op_get_da ...)
        - opusfile <unfixed> (bug #1030049)
        [bullseye] - opusfile <no-dsa> (Minor issue)
+       [buster] - opusfile <no-dsa> (Minor issue)
        NOTE: 
https://github.com/xiph/opusfile/commit/0a4cd796df5b030cb866f3f4a5e41a4b92caddf5
        NOTE: https://github.com/xiph/opusfile/issues/36
 CVE-2022-47020
@@ -34338,6 +34341,7 @@ CVE-2022-40153
 CVE-2022-40152 (Those using Woodstox to parse XML data may be vulnerable to 
Denial of  ...)
        - libwoodstox-java <unfixed>
        [bullseye] - libwoodstox-java <no-dsa> (Minor issue)
+       [buster] - libwoodstox-java <no-dsa> (Minor issue)
        NOTE: https://github.com/x-stream/xstream/issues/304
        NOTE: https://github.com/advisories/GHSA-3f7h-mf4q-vrm4
 CVE-2022-40151 (Those using Xstream to seralize XML data may be vulnerable to 
Denial o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6bd28ff8022a5fb5abaff5730ebcd15daa3db46a...5bc2df27660c1d1350fb6f5bc775f13472f9567c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6bd28ff8022a5fb5abaff5730ebcd15daa3db46a...5bc2df27660c1d1350fb6f5bc775f13472f9567c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2023-0341 in editorconfig-core for buster LTS.

Reply via email to