[Git][security-tracker-team/security-tracker][master] thunderbird, chromium fixed in sid
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 02e5afee by Moritz Muehlenhoff at 2022-12-02T08:57:21+01:00 thunderbird, chromium fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -422,74 +422,74 @@ CVE-2022-4197 CVE-2022-4196 RESERVED CVE-2022-4195 (Insufficient policy enforcement in Safe Browsing in Google Chrome prio ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4194 (Use after free in Accessibility in Google Chrome prior to 108.0.5359.7 ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4193 (Insufficient policy enforcement in File System API in Google Chrome pr ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4192 (Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4191 (Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allo ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4190 (Insufficient data validation in Directory in Google Chrome prior to 10 ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4189 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4188 (Insufficient validation of untrusted input in CORS in Google Chrome on ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4187 (Insufficient policy enforcement in DevTools in Google Chrome on Window ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4186 (Insufficient validation of untrusted input in Downloads in Google Chro ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4185 (Inappropriate implementation in Navigation in Google Chrome on iOS pri ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4184 (Insufficient policy enforcement in Autofill in Google Chrome prior to ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4183 (Insufficient policy enforcement in Popup Blocker in Google Chrome prio ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4182 (Inappropriate implementation in Fenced Frames in Google Chrome prior t ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4181 (Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowe ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4180 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-41795 RESERVED CVE-2022-41793 RESERVED CVE-2022-4179 (Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowe ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4178 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4177 (Use after free in Extensions in Google Chrome prior to 108.0.5359.71 a ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4176 (Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS a ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4175 (Use after free in Camera Capture in Google Chrome prior to 108.0.5359. ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4174 (Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a ...) - - chromium + - chromium 108.0.5359.71-1 [buster] - chromium (see DSA 5046) CVE-2022-4173 RESERVED @@ -2910,7 +2910,7 @@ CVE-2022-45415 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-47/#CVE-2022-45415 CVE-2022-45414 RESERVED - - thunderbird + - thunderbird 1:102.5.1-1 [bullseye] - thunderbird (Minor
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ca33be30 by Salvatore Bonaccorso at 2022-12-02T07:42:37+01:00 Add new nvidia-graphics-drivers issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14027,6 +14027,8 @@ CVE-2022-42265 RESERVED CVE-2022-42264 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14040,6 +14042,8 @@ CVE-2022-42264 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42263 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14053,6 +14057,8 @@ CVE-2022-42263 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42262 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14066,6 +14072,8 @@ CVE-2022-42262 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42261 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14079,6 +14087,8 @@ CVE-2022-42261 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42260 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14092,6 +14102,8 @@ CVE-2022-42260 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42259 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) @@ -14108,6 +14120,8 @@ CVE-2022-42259 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42258 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) @@ -14124,6 +14138,8 @@ CVE-2022-42258 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42257 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) @@ -14140,6 +14156,8 @@ CVE-2022-42257 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42256 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14153,6 +14171,8 @@ CVE-2022-42256 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42255 RESERVED + - nvidia-graphics-drivers (bug #1025279) + [bullseye] - nvidia-graphics-drivers (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) @@ -14164,6 +14184,8 @@ CVE-2022-42255 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42254 RESERVED +
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-legacy-340xx issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3b8e4a2d by Salvatore Bonaccorso at 2022-12-02T07:39:33+01:00 Add new nvidia-graphics-drivers-legacy-340xx issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14092,6 +14092,7 @@ CVE-2022-42260 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42259 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -14107,6 +14108,7 @@ CVE-2022-42259 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42258 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -14122,6 +14124,7 @@ CVE-2022-42258 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42257 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -34208,6 +34211,7 @@ CVE-2022-34681 RESERVED CVE-2022-34680 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -34238,6 +34242,7 @@ CVE-2022-34678 RESERVED CVE-2022-34677 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -34255,6 +34260,7 @@ CVE-2022-34676 RESERVED CVE-2022-34675 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -34270,6 +34276,7 @@ CVE-2022-34675 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34674 RESERVED + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla (bug #1025287) @@ -34291,9 +34298,10 @@ CVE-2022-34671 RESERVED CVE-2022-34670 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-340xx (bug #1025280) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b8e4a2d2eaf67f4ab4724e9b19dee3c65895493 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b8e4a2d2eaf67f4ab4724e9b19dee3c65895493 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Sort tesla related packages
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 74b3f2ef by Salvatore Bonaccorso at 2022-12-02T07:36:43+01:00 Sort tesla related packages - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14092,9 +14092,9 @@ CVE-2022-42260 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42259 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -14107,9 +14107,9 @@ CVE-2022-42259 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42258 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -14122,9 +14122,9 @@ CVE-2022-42258 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42257 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34208,9 +34208,9 @@ CVE-2022-34681 RESERVED CVE-2022-34680 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34238,9 +34238,9 @@ CVE-2022-34678 RESERVED CVE-2022-34677 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34255,9 +34255,9 @@ CVE-2022-34676 RESERVED CVE-2022-34675 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34270,9 +34270,9 @@ CVE-2022-34675 - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34674 RESERVED - - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-legacy-390xx (bug #1025281) [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) + - nvidia-graphics-drivers-tesla (bug #1025287) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74b3f2ef0fa0210f8d81c6aafd6cbffcc84e3950 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74b3f2ef0fa0210f8d81c6aafd6cbffcc84e3950 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-legacy-390xx issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: cee63660 by Salvatore Bonaccorso at 2022-12-02T07:34:35+01:00 Add new nvidia-graphics-drivers-legacy-390xx issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14093,6 +14093,8 @@ CVE-2022-42260 CVE-2022-42259 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -14106,6 +14108,8 @@ CVE-2022-42259 CVE-2022-42258 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -14119,6 +14123,8 @@ CVE-2022-42258 CVE-2022-42257 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34203,6 +34209,8 @@ CVE-2022-34681 CVE-2022-34680 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34231,6 +34239,8 @@ CVE-2022-34678 CVE-2022-34677 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34246,6 +34256,8 @@ CVE-2022-34676 CVE-2022-34675 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34259,6 +34271,8 @@ CVE-2022-34675 CVE-2022-34674 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) @@ -34278,6 +34292,8 @@ CVE-2022-34671 CVE-2022-34670 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-legacy-390xx (bug #1025281) + [bullseye] - nvidia-graphics-drivers-legacy-390xx (Non-free not supported) - nvidia-graphics-drivers-tesla-418 (bug #1025282) [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cee6366056d7fc8b1bf5a7c97300570b1bfc9401 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cee6366056d7fc8b1bf5a7c97300570b1bfc9401 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla-418 issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c71d55f7 by Salvatore Bonaccorso at 2022-12-02T07:15:21+01:00 Add new nvidia-graphics-drivers-tesla-418 issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14028,6 +14028,8 @@ CVE-2022-42265 CVE-2022-42264 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14039,6 +14041,8 @@ CVE-2022-42264 CVE-2022-42263 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14050,6 +14054,8 @@ CVE-2022-42263 CVE-2022-42262 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14061,6 +14067,8 @@ CVE-2022-42262 CVE-2022-42261 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14072,6 +14080,8 @@ CVE-2022-42261 CVE-2022-42260 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14083,6 +14093,8 @@ CVE-2022-42260 CVE-2022-42259 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14094,6 +14106,8 @@ CVE-2022-42259 CVE-2022-42258 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14105,6 +14119,8 @@ CVE-2022-42258 CVE-2022-42257 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14116,6 +14132,8 @@ CVE-2022-42257 CVE-2022-42256 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported) - nvidia-graphics-drivers-tesla-450 (bug #1025283) [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) @@ -14127,6 +14145,8 @@ CVE-2022-42256 CVE-2022-42255 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-418 (bug #1025282) + [bullseye] - nvidia-graphics-drivers-tesla-418 (Non-free not supported)
[Git][security-tracker-team/security-tracker][master] Drop another uneeded note
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9308f733 by Salvatore Bonaccorso at 2022-12-02T07:10:28+01:00 Drop another uneeded note - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -34158,7 +34158,6 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi CVE-2022-34684 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) - NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9308f733e70d8bd3494b823c5153a0fa379d796c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9308f733e70d8bd3494b823c5153a0fa379d796c You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove one entry for nvidia-graphics-drivers-tesla-460
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 865afba3 by Salvatore Bonaccorso at 2022-12-02T07:08:42+01:00 Remove one entry for nvidia-graphics-drivers-tesla-460 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -34158,8 +34158,6 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi CVE-2022-34684 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) - - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) - [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865afba344c5d24336136a5474a3c707f55e8d30 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865afba344c5d24336136a5474a3c707f55e8d30 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla-450 issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d02999f8 by Salvatore Bonaccorso at 2022-12-02T07:07:13+01:00 Add new nvidia-graphics-drivers-tesla-450 issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14028,6 +14028,8 @@ CVE-2022-42265 CVE-2022-42264 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14037,6 +14039,8 @@ CVE-2022-42264 CVE-2022-42263 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14046,6 +14050,8 @@ CVE-2022-42263 CVE-2022-42262 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14055,6 +14061,8 @@ CVE-2022-42262 CVE-2022-42261 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14064,6 +14072,8 @@ CVE-2022-42261 CVE-2022-42260 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14073,6 +14083,8 @@ CVE-2022-42260 CVE-2022-42259 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14082,6 +14094,8 @@ CVE-2022-42259 CVE-2022-42258 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14091,6 +14105,8 @@ CVE-2022-42258 CVE-2022-42257 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 @@ -14100,6 +14116,8 @@ CVE-2022-42257 CVE-2022-42256 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-450 (bug #1025283) + [bullseye] - nvidia-graphics-drivers-tesla-450 (Non-free not supported) -
[Git][security-tracker-team/security-tracker][master] Add nvidia-graphics-drivers-tesla-460 issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 391ad99b by Salvatore Bonaccorso at 2022-12-02T07:02:44+01:00 Add nvidia-graphics-drivers-tesla-460 issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14028,66 +14028,99 @@ CVE-2022-42265 CVE-2022-42264 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42263 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42262 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42261 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42260 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42259 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42258 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42257 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284) + [bullseye] - nvidia-graphics-drivers-tesla-460 (Non-free not supported) + NOTE: 460.106.00-3 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470 - nvidia-graphics-drivers-tesla-470 (bug #1025285) [bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42256 RESERVED -
[Git][security-tracker-team/security-tracker][master] Add nvidia-graphics-drivers-tesla-470 issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7475950b by Salvatore Bonaccorso at 2022-12-02T06:57:44+01:00 Add nvidia-graphics-drivers-tesla-470 issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14028,46 +14028,68 @@ CVE-2022-42265 CVE-2022-42264 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42263 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42262 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42261 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42260 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42259 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42258 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42257 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42256 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42255 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42254 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42253 RESERVED @@ -34083,38 +34105,52 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi CVE-2022-34684 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34683 RESERVED CVE-2022-34682 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34681 RESERVED CVE-2022-34680 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34679 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) +- nvidia-graphics-drivers-tesla-470 (bug #1025285) +[bullseye] - nvidia-graphics-drivers-tesla-470 (Non-free not supported) - nvidia-graphics-drivers-tesla-510 (bug
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla-510 issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3cbdb3d2 by Salvatore Bonaccorso at 2022-12-02T06:53:43+01:00 Add new nvidia-graphics-drivers-tesla-510 issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14028,36 +14028,47 @@ CVE-2022-42265 CVE-2022-42264 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42263 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42262 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42261 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42260 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42259 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42258 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42257 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42256 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42255 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42254 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-42253 RESERVED CVE-2022-42252 (If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10. ...) @@ -34072,32 +34083,39 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi CVE-2022-34684 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34683 RESERVED CVE-2022-34682 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34681 RESERVED CVE-2022-34680 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34679 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34678 RESERVED CVE-2022-34677 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34676 RESERVED CVE-2022-34675 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34674 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34673 RESERVED CVE-2022-34672 @@ -34107,6 +34125,7 @@ CVE-2022-34671 CVE-2022-34670 RESERVED - nvidia-graphics-drivers-tesla (bug #1025287) + - nvidia-graphics-drivers-tesla-510 (bug #1025286) CVE-2022-34669 RESERVED CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability that deseri ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cbdb3d244d7711a44ab52c6d24dc725bfad4f01 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cbdb3d244d7711a44ab52c6d24dc725bfad4f01 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla issues
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9ff5f614 by Salvatore Bonaccorso at 2022-12-02T06:48:25+01:00 Add new nvidia-graphics-drivers-tesla issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -14027,26 +14027,37 @@ CVE-2022-42265 RESERVED CVE-2022-42264 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42263 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42262 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42261 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42260 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42259 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42258 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42257 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42256 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42255 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42254 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-42253 RESERVED CVE-2022-42252 (If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10. ...) @@ -34060,26 +34071,33 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability. Thi NOT-FOR-US: Microsoft CVE-2022-34684 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34683 RESERVED CVE-2022-34682 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34681 RESERVED CVE-2022-34680 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34679 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34678 RESERVED CVE-2022-34677 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34676 RESERVED CVE-2022-34675 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34674 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34673 RESERVED CVE-2022-34672 @@ -34088,6 +34106,7 @@ CVE-2022-34671 RESERVED CVE-2022-34670 RESERVED + - nvidia-graphics-drivers-tesla (bug #1025287) CVE-2022-34669 RESERVED CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability that deseri ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ff5f61427852cb9caff6917d687178414cf287a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ff5f61427852cb9caff6917d687178414cf287a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Mark CVE-2022-22984 as NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b359f461 by Salvatore Bonaccorso at 2022-12-02T06:31:21+01:00 Mark CVE-2022-22984 as NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -59277,7 +59277,7 @@ CVE-2022-23812 (This affects the package node-ipc from 10.1.1 and before 10.1.3. CVE-2022-23811 RESERVED CVE-2022-22984 (The package snyk before 1.1064.0; the package snyk-mvn-plugin before 2 ...) - TODO: check + NOT-FOR-US: Snyk CVE-2022-22143 (The package convict before 6.2.2 are vulnerable to Prototype Pollution ...) NOT-FOR-US: Node convict CVE-2022-22138 (All versions of package fast-string-search are vulnerable to Denial of ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b359f461eba68403d33a87cb02ad3b3db5b591af -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b359f461eba68403d33a87cb02ad3b3db5b591af You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2022-1471/snakeyaml
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9560e130 by Salvatore Bonaccorso at 2022-12-02T06:28:06+01:00 Add CVE-2022-1471/snakeyaml - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -47915,7 +47915,8 @@ CVE-2022-1473 (The OPENSSL_LH_flush() function, which empties a hash table, cont CVE-2022-1472 (The Better Find and Replace WordPress plugin before 1.3.6 does not pro ...) NOT-FOR-US: WordPress plugin CVE-2022-1471 (SnakeYaml's Constructor() class does not restrict types which can be i ...) - TODO: check + - snakeyaml + NOTE: https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 CVE-2022-1470 (The Ultimate WooCommerce CSV Importer WordPress plugin through 2.0 doe ...) NOT-FOR-US: WordPress plugin CVE-2022-1469 (The FiboSearch WordPress plugin before 1.17.0 does not sanitise and es ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9560e1307da4f502d39ab801306afc3d809cdead -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9560e1307da4f502d39ab801306afc3d809cdead You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-4520{2,4} (gpac) as end-of-life
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker Commits: addabc15 by Anton Gladky at 2022-12-01T22:44:19+01:00 Mark CVE-2022-4520{2,4} (gpac) as end-of-life - - - - - bf924387 by Anton Gladky at 2022-12-01T23:00:50+01:00 LTS: add vlc to dla-needed.txt - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: = data/CVE/list = @@ -3400,6 +3400,7 @@ CVE-2022-45205 (Jeecg-boot v3.4.3 was discovered to contain a SQL injection vuln NOT-FOR-US: Jeecg-boot CVE-2022-45204 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a mem ...) - gpac + [buster] - gpac (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2307 NOTE: Introduced by: https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da NOTE: Fixed by: https://github.com/gpac/gpac/commit/f045be5809808d64ebf8ce5ab628fa55786bea4f @@ -3408,6 +3409,7 @@ CVE-2022-45203 RESERVED CVE-2022-45202 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a sta ...) - gpac + [buster] - gpac (EOL in buster LTS) NOTE: https://github.com/gpac/gpac/issues/2296 NOTE: https://github.com/gpac/gpac/issues/2296#issuecomment-1303112783 NOTE: Fixed by: https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da = data/dla-needed.txt = @@ -349,6 +349,12 @@ vim virglrenderer (Thorsten Alteholz) NOTE: 20221009: Programming language: C. -- +vlc + NOTE: 20221201: Programming language: C. + NOTE: 20221201: VCS: https://salsa.debian.org/lts-team/packages/vlc.git + NOTE: 20221201: Please try to find a real patch for CVE-2022-41325 (gladk). + NOTE: 20221201: Backporting of a new version would be not the best idea. (gladk). +-- xdg-utils NOTE: 20221120: Programming language: C. NOTE: 20221120: no real fix yet View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f...bf92438714cc73a1ee0a63b7ac891069f0b7181d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f...bf92438714cc73a1ee0a63b7ac891069f0b7181d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2022-3933{1,2,3,4}/nextcloud-desktop
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 58a84f5c by Salvatore Bonaccorso at 2022-12-01T21:54:33+01:00 Add CVE-2022-3933{1,2,3,4}/nextcloud-desktop - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -21088,13 +21088,25 @@ CVE-2022-39336 CVE-2022-39335 RESERVED CVE-2022-39334 (Nextcloud desktop is the desktop sync client for Nextcloud. Versions p ...) - TODO: check + - nextcloud-desktop 3.6.1-1 + NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-82xx-98xv-4jxv + NOTE: https://github.com/nextcloud/desktop/issues/4927 + NOTE: https://github.com/nextcloud/desktop/pull/5022 CVE-2022-39333 (Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker ...) - TODO: check + - nextcloud-desktop 3.6.1-1 + NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-92p9-x79h-2mj8 + NOTE: https://github.com/nextcloud/desktop/pull/4972 + NOTE: https://hackerone.com/reports/1711847 CVE-2022-39332 (Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker ...) - TODO: check + - nextcloud-desktop 3.6.1-1 + NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q9f6-4r6r-h74p + NOTE: https://github.com/nextcloud/desktop/pull/4972 + NOTE: https://hackerone.com/reports/1668028 CVE-2022-39331 (Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker ...) - TODO: check + - nextcloud-desktop 3.6.1-1 + NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-c3xh-q694-6rc5 + NOTE: https://github.com/nextcloud/desktop/pull/4944 + NOTE: https://hackerone.com/reports/1668028 CVE-2022-39330 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...) - nextcloud-server (bug #941708) CVE-2022-39329 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d454788b by Salvatore Bonaccorso at 2022-12-01T21:44:26+01:00 Process several NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -107,7 +107,7 @@ CVE-2022-4259 CVE-2022-4258 RESERVED CVE-2022-4257 (A vulnerability was found in C-DATA Web Management System. It has been ...) - TODO: check + NOT-FOR-US: C-DATA Web Management System CVE-2022-4256 RESERVED CVE-2022-4255 @@ -115,19 +115,19 @@ CVE-2022-4255 CVE-2022-4254 RESERVED CVE-2022-4253 (A vulnerability was found in SourceCodester Canteen Management System. ...) - TODO: check + NOT-FOR-US: SourceCodester Canteen Management System CVE-2022-4252 (A vulnerability was found in SourceCodester Canteen Management System. ...) - TODO: check + NOT-FOR-US: SourceCodester Canteen Management System CVE-2022-4251 (A vulnerability was found in Movie Ticket Booking System and classifie ...) - TODO: check + NOT-FOR-US: Movie Ticket Booking System CVE-2022-4250 (A vulnerability has been found in Movie Ticket Booking System and clas ...) - TODO: check + NOT-FOR-US: Movie Ticket Booking System CVE-2022-4249 (A vulnerability, which was classified as problematic, was found in Mov ...) - TODO: check + NOT-FOR-US: Movie Ticket Booking System CVE-2022-4248 (A vulnerability, which was classified as critical, has been found in M ...) - TODO: check + NOT-FOR-US: Movie Ticket Booking System CVE-2022-4247 (A vulnerability classified as critical was found in Movie Ticket Booki ...) - TODO: check + NOT-FOR-US: Movie Ticket Booking System CVE-2022-4246 (A vulnerability classified as problematic has been found in Kakao PotP ...) TODO: check CVE-2022-46361 @@ -227,7 +227,7 @@ CVE-2022-4223 CVE-2022-4222 (A vulnerability was found in SourceCodester Canteen Management System. ...) NOT-FOR-US: SourceCodester Canteen Management System CVE-2022-4221 (Improper Neutralization of Special Elements used in an OS Command ('OS ...) - TODO: check + NOT-FOR-US: Asus NAS-M25 CVE-2022-4220 RESERVED CVE-2022-4219 @@ -1614,7 +1614,7 @@ CVE-2021-46854 (mod_radius in ProFTPD before 1.3.7c allows memory disclosure to NOTE: Fixed by: https://github.com/proftpd/proftpd/commit/10a227b4d50e0a2cd2faf87926f58d865da44e43 (v1.3.8rc2) NOTE: Fixed by: https://github.com/proftpd/proftpd/commit/e7c0b6e78a81fa97ec41ea6332e5e11b864089b8 (v1.3.7c) CVE-2022-45797 (An arbitrary file deletion vulnerability in the Damage Cleanup Engine ...) - TODO: check + NOT-FOR-US: Trend Micro CVE-2022-45796 RESERVED CVE-2022-45795 @@ -3961,7 +3961,7 @@ CVE-2022-45052 CVE-2022-45051 RESERVED CVE-2022-45050 (A reflected XSS vulnerability has been found in Axiell Iguana CMS, all ...) - TODO: check + NOT-FOR-US: Axiell Iguana CMS CVE-2022-45049 RESERVED CVE-2022-45048 @@ -7490,7 +7490,7 @@ CVE-2022-44039 CVE-2022-44038 (Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remo ...) NOT-FOR-US: Russound XSourcePlayer 777D CVE-2022-44037 (An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) ...) - TODO: check + NOT-FOR-US: APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software CVE-2022-44036 RESERVED CVE-2022-44035 @@ -9531,15 +9531,15 @@ CVE-2022-43934 CVE-2022-43933 RESERVED CVE-2022-3713 (A code injection vulnerability allows adjacent attackers to execute co ...) - TODO: check + NOT-FOR-US: Sophos CVE-2022-3712 RESERVED CVE-2022-3711 (A post-auth read-only SQL injection vulnerability allows users to read ...) - TODO: check + NOT-FOR-US: Sophos CVE-2022-3710 (A post-auth read-only SQL injection vulnerability allows API clients t ...) - TODO: check + NOT-FOR-US: Sophos CVE-2022-3709 (A stored XSS vulnerability allows admin to super-admin privilege escal ...) - TODO: check + NOT-FOR-US: Sophos CVE-2022-3708 (The Web Stories plugin for WordPress is vulnerable to Server-Side Requ ...) NOT-FOR-US: Web Stories plugin for WordPress CVE-2022-3707 @@ -9612,9 +9612,9 @@ CVE-2022-43903 CVE-2022-43902 RESERVED CVE-2022-43901 (IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.3 coul ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-43900 (IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 1.4.2 coul ...) - TODO: check + NOT-FOR-US: IBM CVE-2022-43899 RESERVED CVE-2022-43898 @@ -9919,7 +9919,7 @@ CVE-2022-3697 (A flaw was found in Ansible in the amazon.aws collection when usi NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2137664 NOTE:
[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-44577
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f3638f69 by Salvatore Bonaccorso at 2022-12-01T21:22:20+01:00 Remove notes from CVE-2022-44577 CVE got rejected as further investigation showed that there is no security issue. - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -6285,7 +6285,6 @@ CVE-2022-44578 RESERVED CVE-2022-44577 REJECTED - NOT-FOR-US: WordPress plugin CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Agen ...) NOT-FOR-US: WordPress plugin CVE-2022-44575 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3638f696e1e0ccee8ec9caef3c0301b2a29b1e5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3638f696e1e0ccee8ec9caef3c0301b2a29b1e5 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2022-4520{2,4}/gpac
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2043ce6f by Salvatore Bonaccorso at 2022-12-01T21:14:08+01:00 Add CVE-2022-4520{2,4}/gpac - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -3399,11 +3399,18 @@ CVE-2022-45206 (Jeecg-boot v3.4.3 was discovered to contain a SQL injection vuln CVE-2022-45205 (Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerabil ...) NOT-FOR-US: Jeecg-boot CVE-2022-45204 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a mem ...) - TODO: check + - gpac + NOTE: https://github.com/gpac/gpac/issues/2307 + NOTE: Introduced by: https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da + NOTE: Fixed by: https://github.com/gpac/gpac/commit/f045be5809808d64ebf8ce5ab628fa55786bea4f + TODO: double check, but introducing commit is the fix for CVE-2022-45202 CVE-2022-45203 RESERVED CVE-2022-45202 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a sta ...) - TODO: check + - gpac + NOTE: https://github.com/gpac/gpac/issues/2296 + NOTE: https://github.com/gpac/gpac/issues/2296#issuecomment-1303112783 + NOTE: Fixed by: https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da CVE-2022-45201 RESERVED CVE-2022-45200 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2043ce6f832c953c32d40b5e166d932a85dfa7a2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2043ce6f832c953c32d40b5e166d932a85dfa7a2 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0541db70 by security tracker role at 2022-12-01T20:10:26+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,135 @@ +CVE-2023-21573 + RESERVED +CVE-2023-21572 + RESERVED +CVE-2023-21571 + RESERVED +CVE-2023-21570 + RESERVED +CVE-2023-21569 + RESERVED +CVE-2023-21568 + RESERVED +CVE-2023-21567 + RESERVED +CVE-2023-21566 + RESERVED +CVE-2023-21565 + RESERVED +CVE-2023-21564 + RESERVED +CVE-2023-21563 + RESERVED +CVE-2023-21562 + RESERVED +CVE-2023-21561 + RESERVED +CVE-2023-21560 + RESERVED +CVE-2023-21559 + RESERVED +CVE-2023-21558 + RESERVED +CVE-2023-21557 + RESERVED +CVE-2023-21556 + RESERVED +CVE-2023-21555 + RESERVED +CVE-2023-21554 + RESERVED +CVE-2023-21553 + RESERVED +CVE-2023-21552 + RESERVED +CVE-2023-21551 + RESERVED +CVE-2023-21550 + RESERVED +CVE-2023-21549 + RESERVED +CVE-2023-21548 + RESERVED +CVE-2023-21547 + RESERVED +CVE-2023-21546 + RESERVED +CVE-2023-21545 + RESERVED +CVE-2023-21544 + RESERVED +CVE-2023-21543 + RESERVED +CVE-2023-21542 + RESERVED +CVE-2023-21541 + RESERVED +CVE-2023-21540 + RESERVED +CVE-2023-21539 + RESERVED +CVE-2023-21538 + RESERVED +CVE-2023-21537 + RESERVED +CVE-2023-21536 + RESERVED +CVE-2023-21535 + RESERVED +CVE-2023-21534 + RESERVED +CVE-2023-21533 + RESERVED +CVE-2023-21532 + RESERVED +CVE-2023-21531 + RESERVED +CVE-2023-21530 + RESERVED +CVE-2023-21529 + RESERVED +CVE-2023-21528 + RESERVED +CVE-2023-21527 + RESERVED +CVE-2023-21526 + RESERVED +CVE-2023-21525 + RESERVED +CVE-2023-21524 + RESERVED +CVE-2022-4261 + RESERVED +CVE-2022-4260 + RESERVED +CVE-2022-4259 + RESERVED +CVE-2022-4258 + RESERVED +CVE-2022-4257 (A vulnerability was found in C-DATA Web Management System. It has been ...) + TODO: check +CVE-2022-4256 + RESERVED +CVE-2022-4255 + RESERVED +CVE-2022-4254 + RESERVED +CVE-2022-4253 (A vulnerability was found in SourceCodester Canteen Management System. ...) + TODO: check +CVE-2022-4252 (A vulnerability was found in SourceCodester Canteen Management System. ...) + TODO: check +CVE-2022-4251 (A vulnerability was found in Movie Ticket Booking System and classifie ...) + TODO: check +CVE-2022-4250 (A vulnerability has been found in Movie Ticket Booking System and clas ...) + TODO: check +CVE-2022-4249 (A vulnerability, which was classified as problematic, was found in Mov ...) + TODO: check +CVE-2022-4248 (A vulnerability, which was classified as critical, has been found in M ...) + TODO: check +CVE-2022-4247 (A vulnerability classified as critical was found in Movie Ticket Booki ...) + TODO: check +CVE-2022-4246 (A vulnerability classified as problematic has been found in Kakao PotP ...) + TODO: check CVE-2022-46361 RESERVED CVE-2022-43485 @@ -94,8 +226,8 @@ CVE-2022-4223 RESERVED CVE-2022-4222 (A vulnerability was found in SourceCodester Canteen Management System. ...) NOT-FOR-US: SourceCodester Canteen Management System -CVE-2022-4221 - RESERVED +CVE-2022-4221 (Improper Neutralization of Special Elements used in an OS Command ('OS ...) + TODO: check CVE-2022-4220 RESERVED CVE-2022-4219 @@ -1481,8 +1613,8 @@ CVE-2021-46854 (mod_radius in ProFTPD before 1.3.7c allows memory disclosure to NOTE: https://github.com/proftpd/proftpd/pull/1285 NOTE: Fixed by: https://github.com/proftpd/proftpd/commit/10a227b4d50e0a2cd2faf87926f58d865da44e43 (v1.3.8rc2) NOTE: Fixed by: https://github.com/proftpd/proftpd/commit/e7c0b6e78a81fa97ec41ea6332e5e11b864089b8 (v1.3.7c) -CVE-2022-45797 - RESERVED +CVE-2022-45797 (An arbitrary file deletion vulnerability in the Damage Cleanup Engine ...) + TODO: check CVE-2022-45796 RESERVED CVE-2022-45795 @@ -3821,8 +3953,8 @@ CVE-2022-45052 RESERVED CVE-2022-45051 RESERVED -CVE-2022-45050 - RESERVED +CVE-2022-45050 (A reflected XSS vulnerability has been found in Axiell Iguana CMS, all ...) + TODO: check CVE-2022-45049 RESERVED CVE-2022-45048 @@ -6144,7 +6276,8 @@ CVE-2022-44579 RESERVED CVE-2022-44578 RESERVED -CVE-2022-44577 (This CVE ID has been rejected or withdrawn by its CVE Numbering Author ...) +CVE-2022-44577 + REJECTED NOT-FOR-US: WordPress plugin CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Agen ...) NOT-FOR-US: WordPress plugin @@ -9391,16 +9524,16 @@ CVE-2022-43934
[Git][security-tracker-team/security-tracker][master] Mark zorp as removed from every supported suite
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 759d1a75 by Salvatore Bonaccorso at 2022-12-01T21:04:24+01:00 Mark zorp as removed from every supported suite - - - - - 1 changed file: - data/packages/removed-packages Changes: = data/packages/removed-packages = @@ -927,3 +927,4 @@ yarssr zonecheck postgresql-14 ember +zorp View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/759d1a75a6860b4503e40b0929f81e83262002c8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/759d1a75a6860b4503e40b0929f81e83262002c8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-3328/snapd
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d03012a1 by Salvatore Bonaccorso at 2022-12-01T20:48:22+01:00 Track fixed version via unstable for CVE-2022-3328/snapd - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -15608,7 +15608,7 @@ CVE-2022-38099 (Improper input validation in BIOS firmware for some Intel(R) NUC NOT-FOR-US: Intel CVE-2022-3328 RESERVED - - snapd + - snapd 2.57.6-1 NOTE: https://github.com/snapcore/snapd/commit/6226cdc57052f4b7057d92f2e549aa169e35cd2d (2.57.6) NOTE: https://github.com/snapcore/snapd/commit/21ebc51f00b8a1417888faa2e83a372fd29d0f5e (2.57.6) NOTE: https://github.com/snapcore/snapd/commit/d9d8c2f6f6c0310bd10e3061030e8bf9e9e49949 (2.57.6) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03012a11ac619c5093b6fb00e9c1636b671823f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03012a11ac619c5093b6fb00e9c1636b671823f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new thunderbird issue
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 44c6425b by Moritz Muehlenhoff at 2022-12-01T19:44:43+01:00 new thunderbird issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2778,6 +2778,9 @@ CVE-2022-45415 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-47/#CVE-2022-45415 CVE-2022-45414 RESERVED + - thunderbird + [bullseye] - thunderbird (Minor issue, fix along in next ESR update) + NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-50/#CVE-2022-45414 CVE-2022-45413 RESERVED - firefox (Android-specific) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c6425bc2d4003552cfad00617c87d41daab565 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c6425bc2d4003552cfad00617c87d41daab565 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] snapd DSA
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 167fdfa4 by Moritz Mühlenhoff at 2022-12-01T19:33:06+01:00 snapd DSA - - - - - 1 changed file: - data/DSA/list Changes: = data/DSA/list = @@ -1,3 +1,6 @@ +[01 Dec 2022] DSA-5292-1 snapd - security update + {CVE-2022-3328} + [bullseye] - snapd 2.49-1+deb11u2 [28 Nov 2022] DSA-5291-1 mujs - security update {CVE-2022-30974 CVE-2022-30975 CVE-2022-44789} [bullseye] - mujs 1.1.0-1+deb11u2 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/167fdfa4076e3f17ee4090c15a1c1504ccf6d600 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/167fdfa4076e3f17ee4090c15a1c1504ccf6d600 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-4139/linux
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ce60b085 by Salvatore Bonaccorso at 2022-12-01T16:29:01+01:00 Update status for CVE-2022-4139/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1201,6 +1201,7 @@ CVE-2022-4140 CVE-2022-4139 RESERVED - linux 6.0.10-2 + [buster] - linux (Vulnerable code not present, only affects gen12 video and compute engines) NOTE: https://www.openwall.com/lists/oss-security/2022/11/30/1 NOTE: https://git.kernel.org/linus/04aa64375f48a5d430b5550d9271f8428883e550 CVE-2022-45897 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce60b085c5d183686264a6bb7012991ca2db12e9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce60b085c5d183686264a6bb7012991ca2db12e9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e5f2fc2b by Salvatore Bonaccorso at 2022-12-01T16:18:45+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -580,7 +580,7 @@ CVE-2022-46164 CVE-2022-46163 RESERVED CVE-2022-46162 (discourse-bbcode is the official BBCode plugin for Discourse. Prior to ...) - TODO: check + NOT-FOR-US: BBCode plugin for Discourse CVE-2022-46161 RESERVED CVE-2022-46160 @@ -1352,7 +1352,7 @@ CVE-2022-45844 CVE-2022-45843 RESERVED CVE-2022-45842 (Unauth. Race Condition vulnerability in WP ULike Plugin = 4.6.4 on ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2022-45841 RESERVED CVE-2022-45840 @@ -3846,7 +3846,7 @@ CVE-2022-3892 CVE-2022-3891 RESERVED CVE-2022-45045 (Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.0117.1 ...) - TODO: check + NOT-FOR-US: Xiongmai CVE-2022-3890 (Heap buffer overflow in Crashpad in Google Chrome on Android prior to ...) {DSA-5275-1} - chromium 107.0.5304.110-1 @@ -4648,7 +4648,7 @@ CVE-2022-3861 (The Betheme theme for WordPress is vulnerable to PHP Object Injec CVE-2022-3860 RESERVED CVE-2022-3859 (An uncontrolled search path vulnerability exists in Trellix Agent (TA) ...) - TODO: check + NOT-FOR-US: Trellix CVE-2022-3858 RESERVED CVE-2022-3857 [Null pointer dereference leads to segmentation fault] @@ -6287,9 +6287,9 @@ CVE-2022-44535 CVE-2022-44534 RESERVED CVE-2022-44533 (A vulnerability in the Aruba EdgeConnect Enterprise web management int ...) - TODO: check + NOT-FOR-US: Aruba CVE-2022-44532 (An authenticated path traversal vulnerability exists in the Aruba Edge ...) - TODO: check + NOT-FOR-US: Aruba CVE-2022-3785 (A vulnerability, which was classified as critical, has been found in A ...) NOT-FOR-US: Bento4 CVE-2022-3784 (A vulnerability classified as critical was found in Axiomatic Bento4 5 ...) @@ -6829,11 +6829,11 @@ CVE-2022-44298 CVE-2022-44297 RESERVED CVE-2022-44296 (Sanitization Management System v1.0 is vulnerable to SQL Injection via ...) - TODO: check + NOT-FOR-US: Sanitization Management System CVE-2022-44295 (Sanitization Management System v1.0 is vulnerable to SQL Injection via ...) - TODO: check + NOT-FOR-US: Sanitization Management System CVE-2022-44294 (Sanitization Management System v1.0 is vulnerable to SQL Injection via ...) - TODO: check + NOT-FOR-US: Sanitization Management System CVE-2022-44293 RESERVED CVE-2022-44292 @@ -7119,7 +7119,7 @@ CVE-2022-44153 CVE-2022-44152 RESERVED CVE-2022-44151 (Simple Inventory Management System v1.0 is vulnerable to SQL Injection ...) - TODO: check + NOT-FOR-US: Simple Inventory Management System CVE-2022-44150 RESERVED CVE-2022-44149 @@ -7149,7 +7149,7 @@ CVE-2022-44138 CVE-2022-44137 RESERVED CVE-2022-44136 (Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution (RCE). ...) - TODO: check + NOT-FOR-US: Zenario CMS CVE-2022-44135 RESERVED CVE-2022-44134 @@ -10375,9 +10375,9 @@ CVE-2022-43546 (A vulnerability has been identified in POWER METER SICAM Q100 (A CVE-2022-43545 (A vulnerability has been identified in POWER METER SICAM Q100 (All ver ...) NOT-FOR-US: Siemens CVE-2022-43542 (Vulnerabilities in the Aruba EdgeConnect Enterprise command line inter ...) - TODO: check + NOT-FOR-US: Aruba CVE-2022-43541 (Vulnerabilities in the Aruba EdgeConnect Enterprise command line inter ...) - TODO: check + NOT-FOR-US: Aruba CVE-2022-43540 RESERVED CVE-2022-43539 @@ -10423,7 +10423,7 @@ CVE-2022-43520 CVE-2022-43519 RESERVED CVE-2022-43518 (An authenticated path traversal vulnerability exists in the Aruba Edge ...) - TODO: check + NOT-FOR-US: Aruba CVE-2022-43517 RESERVED CVE-2022-43516 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f2fc2ba07c835f4c8411b3722dd16661c85db0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f2fc2ba07c835f4c8411b3722dd16661c85db0 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: fe33 by Salvatore Bonaccorso at 2022-12-01T16:15:04+01:00 Process one NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1833,7 +1833,7 @@ CVE-2022-45642 CVE-2022-45641 RESERVED CVE-2022-45640 (Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Cause ...) - TODO: check + NOT-FOR-US: Tenda CVE-2022-45639 RESERVED CVE-2022-45638 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe33aeba4f8f3b796e7593c61482b3076bfe -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe33aeba4f8f3b796e7593c61482b3076bfe You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d551abbc by Moritz Muehlenhoff at 2022-12-01T11:44:16+01:00 new gitlab issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -180,8 +180,10 @@ CVE-2022-4207 RESERVED CVE-2022-4206 RESERVED + - gitlab CVE-2022-4205 RESERVED + - gitlab CVE-2022-4204 RESERVED CVE-2022-4203 @@ -276,6 +278,7 @@ CVE-2022-42489 RESERVED CVE-2022-4201 RESERVED + - gitlab CVE-2022-4200 RESERVED CVE-2022-4199 @@ -2312,6 +2315,7 @@ CVE-2022-4055 (When xdg-mail is configured to use thunderbird for mailto URLs, i NOTE: https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205#note_1494267 CVE-2022-4054 RESERVED + - gitlab CVE-2022-45462 (Alarm instance management has command injection when there is a specif ...) NOT-FOR-US: Apache DolphinScheduler CVE-2022-45461 (The Java Admin Console in Veritas NetBackup through 10.1 and related V ...) @@ -3792,6 +3796,7 @@ CVE-2022-3903 (An incorrect read request flaw was found in the Infrared Transcei [bullseye] - linux 5.10.148-1 CVE-2022-3902 RESERVED + - gitlab CVE-2022-3901 RESERVED CVE-2022-3900 @@ -5960,6 +5965,7 @@ CVE-2022-3821 (An off-by-one Error issue was discovered in Systemd in format_tim NOTE: https://github.com/systemd/systemd-stable/commit/72d4c15a946d20143cd4c6783c802124bc894dc7 (v251.3) CVE-2022-3820 RESERVED + - gitlab CVE-2022-3819 (An improper authorization issue in GitLab CE/EE affecting all versions ...) - gitlab CVE-2022-3818 (An uncontrolled resource consumption issue when parsing URLs in GitLab ...) @@ -7504,6 +7510,7 @@ CVE-2022-3741 (Impact varies for each individual vulnerability in the applicatio NOT-FOR-US: chatwoot CVE-2022-3740 RESERVED + - gitlab CVE-2022-3739 RESERVED CVE-2022-3738 @@ -10941,6 +10948,7 @@ CVE-2022-3573 RESERVED CVE-2022-3572 RESERVED + - gitlab CVE-2022-3571 RESERVED CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff librar ...) @@ -12264,6 +12272,7 @@ CVE-2022-3483 (An issue has been discovered in GitLab CE/EE affecting all versio - gitlab CVE-2022-3482 RESERVED + - gitlab CVE-2022-3481 (The WooCommerce Dropshipping WordPress plugin before 4.4 does not prop ...) NOT-FOR-US: WordPress plugin CVE-2022-3480 (A remote, unauthenticated attacker could cause a denial-of-service of ...) @@ -12311,6 +12320,7 @@ CVE-2022-42897 (Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows u NOT-FOR-US: Array Networks CVE-2022-3478 RESERVED + - gitlab CVE-2022-42906 (powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbi ...) - powerline-gitstatus 1.3.2-1 [bullseye] - powerline-gitstatus (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d551abbc90988474a2ab82d071070a2964845928 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d551abbc90988474a2ab82d071070a2964845928 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] new vlc issue
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: dd1eb0da by Moritz Muehlenhoff at 2022-12-01T11:40:57+01:00 new vlc issue - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = data/CVE/list = @@ -16224,6 +16224,9 @@ CVE-2022-41326 (The web conferencing component of Mitel MiCollab through 9.6.0.1 NOT-FOR-US: Mitel CVE-2022-41325 RESERVED + - vlc 3.0.18-1 + NOTE: https://www.videolan.org/security/sb-vlc3018.html + NOTE: https://code.videolan.org/videolan/vlc/-/issues/27335 CVE-2022-41324 RESERVED CVE-2022-41323 (In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, i ...) = data/dsa-needed.txt = @@ -65,5 +65,7 @@ sox -- tiff -- +vlc +-- xfce4-settings (corsac) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1eb0da04968eb4d89c625873aed2b45a00aa90 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1eb0da04968eb4d89c625873aed2b45a00aa90 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2022-4139/linux via unstable
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7a4a5c67 by Salvatore Bonaccorso at 2022-12-01T09:27:00+01:00 Track fixed version for CVE-2022-4139/linux via unstable - - - - - 72815a4c by Salvatore Bonaccorso at 2022-12-01T09:28:44+01:00 Remove notes from CVE-2021-38577 (CVE was incorrectly assigned) - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1197,7 +1197,7 @@ CVE-2022-4140 RESERVED CVE-2022-4139 RESERVED - - linux + - linux 6.0.10-2 NOTE: https://www.openwall.com/lists/oss-security/2022/11/30/1 NOTE: https://git.kernel.org/linus/04aa64375f48a5d430b5550d9271f8428883e550 CVE-2022-45897 @@ -96333,10 +96333,6 @@ CVE-2021-38578 (Existing CommBuffer checks in SmmEntryPoint will not catch under NOTE: https://edk2.groups.io/g/devel/message/90516 CVE-2021-38577 REJECTED - - edk2 (bug #1014468) - [bullseye] - edk2 (Minor issue) - [buster] - edk2 (Minor issue) - NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=3360 (private) CVE-2021-38576 (A BIOS bug in firmware for a particular PC model leaves the Platform a ...) - edk2 (bug #1014468) [bullseye] - edk2 (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4b0461025156e2baf3162e8c2678cb4c41a064ef...72815a4ce66b74c49c4a3298f5571e5a0f5afb3b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4b0461025156e2baf3162e8c2678cb4c41a064ef...72815a4ce66b74c49c4a3298f5571e5a0f5afb3b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4b046102 by security tracker role at 2022-12-01T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,19 @@ +CVE-2022-46361 + RESERVED +CVE-2022-43485 + RESERVED +CVE-2022-4245 + RESERVED +CVE-2022-4244 + RESERVED +CVE-2022-4243 + RESERVED +CVE-2022-4242 + RESERVED +CVE-2022-4241 + RESERVED +CVE-2022-4240 + RESERVED CVE-2022-46359 RESERVED CVE-2022-46358 @@ -560,8 +576,8 @@ CVE-2022-46164 RESERVED CVE-2022-46163 RESERVED -CVE-2022-46162 - RESERVED +CVE-2022-46162 (discourse-bbcode is the official BBCode plugin for Discourse. Prior to ...) + TODO: check CVE-2022-46161 RESERVED CVE-2022-46160 @@ -572,8 +588,8 @@ CVE-2022-46158 RESERVED CVE-2022-46157 RESERVED -CVE-2022-46156 - RESERVED +CVE-2022-46156 (The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring appl ...) + TODO: check CVE-2022-46155 (Airtable.js is the JavaScript client for Airtable. Prior to version 0. ...) TODO: check CVE-2022-46154 @@ -1813,8 +1829,8 @@ CVE-2022-45642 RESERVED CVE-2022-45641 RESERVED -CVE-2022-45640 - RESERVED +CVE-2022-45640 (Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Cause ...) + TODO: check CVE-2022-45639 RESERVED CVE-2022-45638 @@ -3824,8 +3840,8 @@ CVE-2022-3892 RESERVED CVE-2022-3891 RESERVED -CVE-2022-45045 - RESERVED +CVE-2022-45045 (Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.0117.1 ...) + TODO: check CVE-2022-3890 (Heap buffer overflow in Crashpad in Google Chrome on Android prior to ...) {DSA-5275-1} - chromium 107.0.5304.110-1 @@ -6264,10 +6280,10 @@ CVE-2022-44535 RESERVED CVE-2022-44534 RESERVED -CVE-2022-44533 - RESERVED -CVE-2022-44532 - RESERVED +CVE-2022-44533 (A vulnerability in the Aruba EdgeConnect Enterprise web management int ...) + TODO: check +CVE-2022-44532 (An authenticated path traversal vulnerability exists in the Aruba Edge ...) + TODO: check CVE-2022-3785 (A vulnerability, which was classified as critical, has been found in A ...) NOT-FOR-US: Bento4 CVE-2022-3784 (A vulnerability classified as critical was found in Axiomatic Bento4 5 ...) @@ -6874,8 +6890,8 @@ CVE-2022-44264 RESERVED CVE-2022-44263 RESERVED -CVE-2022-44262 - RESERVED +CVE-2022-44262 (ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE). ...) + TODO: check CVE-2022-44261 RESERVED CVE-2022-44260 (TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication b ...) @@ -10351,10 +10367,10 @@ CVE-2022-43546 (A vulnerability has been identified in POWER METER SICAM Q100 (A NOT-FOR-US: Siemens CVE-2022-43545 (A vulnerability has been identified in POWER METER SICAM Q100 (All ver ...) NOT-FOR-US: Siemens -CVE-2022-43542 - RESERVED -CVE-2022-43541 - RESERVED +CVE-2022-43542 (Vulnerabilities in the Aruba EdgeConnect Enterprise command line inter ...) + TODO: check +CVE-2022-43541 (Vulnerabilities in the Aruba EdgeConnect Enterprise command line inter ...) + TODO: check CVE-2022-43540 RESERVED CVE-2022-43539 @@ -10399,8 +10415,8 @@ CVE-2022-43520 RESERVED CVE-2022-43519 RESERVED -CVE-2022-43518 - RESERVED +CVE-2022-43518 (An authenticated path traversal vulnerability exists in the Aruba Edge ...) + TODO: check CVE-2022-43517 RESERVED CVE-2022-43516 @@ -13435,8 +13451,8 @@ CVE-2022-42448 RESERVED CVE-2022-42447 RESERVED -CVE-2022-42446 - RESERVED +CVE-2022-42446 (Starting with Sametime 12, anonymous users are enabled by default. Aft ...) + TODO: check CVE-2022-42445 (HCL Launch could allow a user with administrative privileges, includin ...) NOT-FOR-US: HCL CVE-2022-42444 @@ -14994,8 +15010,8 @@ CVE-2022-40965 (The affected product DIAEnergie (versions prior to v1.9.01.002) NOT-FOR-US: DIAEnergie CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Ka ...) NOT-FOR-US: AliveCor Kardia App -CVE-2022-40204 - RESERVED +CVE-2022-40204 (A cross-site scripting (XSS) vulnerability exists in all current versi ...) + TODO: check CVE-2022-40202 (The database backup function in Delta Electronics InfraSuite Device Ma ...) NOT-FOR-US: Delta Electronics CVE-2022-40201 @@ -17345,8 +17361,8 @@ CVE-2022-40851 (Tenda AC15 V15.03.05.19 contained a stack overflow via the funct NOT-FOR-US: Tenda CVE-2022-40850 RESERVED -CVE-2022-40849 - RESERVED +CVE-2022-40849 (ThinkCMF version 6.0.7 is affected by Stored Cross-Site