[Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo in package note

Salvatore Bonaccorso (@carnil) Mon, 12 Feb 2024 02:07:20 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ca2e3351 by Salvatore Bonaccorso at 2024-02-12T11:01:48+01:00
Fix typo in package note

- - - - -
6a8e6f07 by Salvatore Bonaccorso at 2024-02-12T11:05:09+01:00
Mark for now some previous NFU in OP-TEE to track via src:optee-os

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26404,7 +26404,7 @@ CVE-2023-41880 (Wasmtime is a standalone runtime for 
WebAssembly. Wasmtime versi
 CVE-2023-41592 (Froala Editor v4.0.1 to v4.1.1 was discovered to contain a 
cross-site  ...)
        NOT-FOR-US: Froala Editor
 CVE-2023-41325 (OP-TEE is a Trusted Execution Environment (TEE) designed as 
companion  ...)
-       NOT-FOR-US: OP-TEE
+       - optee-os <undetermined>
 CVE-2023-41160 (A Stored Cross-Site Scripting (XSS) vulnerability in the SSH 
configura ...)
        NOT-FOR-US: Usermin
 CVE-2023-41159 (A Stored Cross-Site Scripting (XSS) vulnerability while 
editing the au ...)
@@ -73252,7 +73252,7 @@ CVE-2022-47551 (Apiman 1.5.7 through 2.2.3.Final has 
insufficient checks for rea
 CVE-2022-47550
        RESERVED
 CVE-2022-47549 (An unprotected memory-access operation in optee_os in 
TrustedFirmware  ...)
-       - optee-os <not-affected> (Fixe before initial upload)
+       - optee-os <not-affected> (Fixed before initial upload)
 CVE-2022-47548
        RESERVED
 CVE-2022-47547 (GossipSub 1.1, as used for Ethereum 2.0, allows a peer to 
maintain a p ...)
@@ -79084,7 +79084,7 @@ CVE-2022-46154 (Kodexplorer is a chinese language web 
based file manager and bro
 CVE-2022-46153 (Traefik is an open source HTTP reverse proxy and load 
balancer. In aff ...)
        - traefik <itp> (bug #983289)
 CVE-2022-46152 (OP-TEE Trusted OS is the secure side implementation of OP-TEE 
project, ...)
-       NOT-FOR-US: OP-TEE
+       - optee-os <undetermined>
 CVE-2022-46151 (Querybook is an open source data querying UI. In affected 
versions use ...)
        NOT-FOR-US: Querybook
 CVE-2022-46150 (Discourse is an open-source discussion platform. Prior to 
version 2.8. ...)
@@ -158793,7 +158793,7 @@ CVE-2021-44151 (An issue was discovered in Reprise 
RLM 14.2. As the session cook
 CVE-2021-44150 (The client in tusdotnet through 2.5.0 relies on SHA-1 to 
prevent spoof ...)
        NOT-FOR-US: tusdotnet
 CVE-2021-44149 (An issue was discovered in Trusted Firmware OP-TEE Trusted OS 
through  ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2021-44148 (GL.iNet GL-AR150 2.x before 3.x devices, configured as 
repeaters, allo ...)
        NOT-FOR-US: GL.iNet
 CVE-2021-44147 (An XML External Entity issue in Claris FileMaker Pro and 
Server (inclu ...)
@@ -176948,7 +176948,7 @@ CVE-2021-38541
 CVE-2021-3699
        RESERVED
 CVE-2019-25052 (In Linaro OP-TEE before 3.7.0, by using inconsistent or 
malformed data ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2021-38511 (An issue was discovered in the tar crate before 0.4.36 for 
Rust. When  ...)
        - rust-tar 0.4.37-1 (bug #992173)
        [bullseye] - rust-tar <no-dsa> (Minor issue)
@@ -183105,7 +183105,7 @@ CVE-2021-36135
 CVE-2021-36134 (Out of bounds write vulnerability in the JPEG parsing code of 
Netop Vi ...)
        NOT-FOR-US: McAfee
 CVE-2021-36133 (The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks 
security access ...)
-       NOT-FOR-US: OP-TEE
+       - optee-os <undetermined>
 CVE-2021-36132 (An issue was discovered in the FileImporter extension in 
MediaWiki thr ...)
        NOT-FOR-US: FileImport MediaWiki extension
        NOTE: 
https://lists.wikimedia.org/hyperkitty/list/wikitec...@lists.wikimedia.org/thread/M7MVMBYMLNIVLHCWL2KKZGH36HYN4YON/
@@ -335897,19 +335897,19 @@ CVE-2019-1010299 (The Rust Programming Language 
Standard Library 1.18.0 and late
        NOTE: https://github.com/rust-lang/rust/issues/53566
        NOTE: 
https://github.com/rust-lang/rust/pull/53571/commits/b85e4cc8fadaabd41da5b9645c08c68b8f89908d
 CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010297 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010296 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010295 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Buffer Overflow ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010294 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Rounding error. ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010293 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: 
Boundary crossi ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010292 (Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: 
Boundary  ...)
-       NOT-FOR-US: Linaro/OP-TEE OP-TEE
+       - optee-os <undetermined>
 CVE-2019-1010291
        RESERVED
 CVE-2019-1010290 (Babel: Multilingual site Babel All is affected by: Open 
Redirection. T ...)
@@ -407147,9 +407147,9 @@ CVE-2017-1000418 (The WildMidi_Open function in 
WildMIDI since commit d8a466829c
        NOTE: https://github.com/Mindwerks/wildmidi/issues/178
        NOTE: 
https://github.com/Mindwerks/wildmidi/commit/814f31d8eceda8401eb812fc2e94ed143fdad0ab
 CVE-2017-1000413 (Linaro's open source TEE solution called OP-TEE, version 
2.4.0 (and ol ...)
-       NOT-FOR-US: OP-TEE
+       - optee-os <undetermined>
 CVE-2017-1000412 (Linaro's open source TEE solution called OP-TEE, version 
2.4.0 (and ol ...)
-       NOT-FOR-US: OP-TEE
+       - optee-os <undetermined>
 CVE-2018-3816
        RESERVED
 CVE-2018-3815 (The "XML Interface to Messaging, Scheduling, and Signaling" 
(XIMSS) pr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8e129c49d5bf9a8e8f4c694e34eb30499c9b8f2f...6a8e6f07eb5f4817e7892b1dd48cb141c21a8b8c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8e129c49d5bf9a8e8f4c694e34eb30499c9b8f2f...6a8e6f07eb5f4817e7892b1dd48cb141c21a8b8c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo in package note

Reply via email to