[Git][security-tracker-team/security-tracker][master] thunderbird, chromium fixed in sid

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
02e5afee by Moritz Muehlenhoff at 2022-12-02T08:57:21+01:00
thunderbird, chromium fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -422,74 +422,74 @@ CVE-2022-4197
 CVE-2022-4196
RESERVED
 CVE-2022-4195 (Insufficient policy enforcement in Safe Browsing in Google 
Chrome prio ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4194 (Use after free in Accessibility in Google Chrome prior to 
108.0.5359.7 ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4193 (Insufficient policy enforcement in File System API in Google 
Chrome pr ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4192 (Use after free in Live Caption in Google Chrome prior to 
108.0.5359.71 ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4191 (Use after free in Sign-In in Google Chrome prior to 
108.0.5359.71 allo ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4190 (Insufficient data validation in Directory in Google Chrome 
prior to 10 ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4189 (Insufficient policy enforcement in DevTools in Google Chrome 
prior to  ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4188 (Insufficient validation of untrusted input in CORS in Google 
Chrome on ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4187 (Insufficient policy enforcement in DevTools in Google Chrome on 
Window ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4186 (Insufficient validation of untrusted input in Downloads in 
Google Chro ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4185 (Inappropriate implementation in Navigation in Google Chrome on 
iOS pri ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4184 (Insufficient policy enforcement in Autofill in Google Chrome 
prior to  ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4183 (Insufficient policy enforcement in Popup Blocker in Google 
Chrome prio ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4182 (Inappropriate implementation in Fenced Frames in Google Chrome 
prior t ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4181 (Use after free in Forms in Google Chrome prior to 108.0.5359.71 
allowe ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4180 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 
allowed ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-41795
RESERVED
 CVE-2022-41793
RESERVED
 CVE-2022-4179 (Use after free in Audio in Google Chrome prior to 108.0.5359.71 
allowe ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4178 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 
allowed ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4177 (Use after free in Extensions in Google Chrome prior to 
108.0.5359.71 a ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4176 (Out of bounds write in Lacros Graphics in Google Chrome on 
Chrome OS a ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4175 (Use after free in Camera Capture in Google Chrome prior to 
108.0.5359. ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4174 (Type confusion in V8 in Google Chrome prior to 108.0.5359.71 
allowed a ...)
-   - chromium 
+   - chromium 108.0.5359.71-1
[buster] - chromium  (see DSA 5046)
 CVE-2022-4173
RESERVED
@@ -2910,7 +2910,7 @@ CVE-2022-45415
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-47/#CVE-2022-45415
 CVE-2022-45414
RESERVED
-   - thunderbird 
+   - thunderbird 1:102.5.1-1
[bullseye] - thunderbird  (Minor 

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ca33be30 by Salvatore Bonaccorso at 2022-12-02T07:42:37+01:00
Add new nvidia-graphics-drivers issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14027,6 +14027,8 @@ CVE-2022-42265
RESERVED
 CVE-2022-42264
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14040,6 +14042,8 @@ CVE-2022-42264
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42263
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14053,6 +14057,8 @@ CVE-2022-42263
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42262
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14066,6 +14072,8 @@ CVE-2022-42262
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42261
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14079,6 +14087,8 @@ CVE-2022-42261
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42260
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14092,6 +14102,8 @@ CVE-2022-42260
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42259
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
@@ -14108,6 +14120,8 @@ CVE-2022-42259
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42258
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
@@ -14124,6 +14138,8 @@ CVE-2022-42258
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42257
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
@@ -14140,6 +14156,8 @@ CVE-2022-42257
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42256
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14153,6 +14171,8 @@ CVE-2022-42256
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42255
RESERVED
+   - nvidia-graphics-drivers  (bug #1025279)
+   [bullseye] - nvidia-graphics-drivers  (Non-free not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
@@ -14164,6 +14184,8 @@ CVE-2022-42255
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42254
RESERVED
+  

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-legacy-340xx issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3b8e4a2d by Salvatore Bonaccorso at 2022-12-02T07:39:33+01:00
Add new nvidia-graphics-drivers-legacy-340xx issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14092,6 +14092,7 @@ CVE-2022-42260
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42259
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -14107,6 +14108,7 @@ CVE-2022-42259
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42258
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -14122,6 +14124,7 @@ CVE-2022-42258
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42257
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -34208,6 +34211,7 @@ CVE-2022-34681
RESERVED
 CVE-2022-34680
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -34238,6 +34242,7 @@ CVE-2022-34678
RESERVED
 CVE-2022-34677
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -34255,6 +34260,7 @@ CVE-2022-34676
RESERVED
 CVE-2022-34675
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -34270,6 +34276,7 @@ CVE-2022-34675
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34674
RESERVED
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla  (bug #1025287)
@@ -34291,9 +34298,10 @@ CVE-2022-34671
RESERVED
 CVE-2022-34670
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-340xx  (bug #1025280)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b8e4a2d2eaf67f4ab4724e9b19dee3c65895493

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b8e4a2d2eaf67f4ab4724e9b19dee3c65895493
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Sort tesla related packages

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
74b3f2ef by Salvatore Bonaccorso at 2022-12-02T07:36:43+01:00
Sort tesla related packages

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14092,9 +14092,9 @@ CVE-2022-42260
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42259
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -14107,9 +14107,9 @@ CVE-2022-42259
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42258
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -14122,9 +14122,9 @@ CVE-2022-42258
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42257
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34208,9 +34208,9 @@ CVE-2022-34681
RESERVED
 CVE-2022-34680
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34238,9 +34238,9 @@ CVE-2022-34678
RESERVED
 CVE-2022-34677
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34255,9 +34255,9 @@ CVE-2022-34676
RESERVED
 CVE-2022-34675
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34270,9 +34270,9 @@ CVE-2022-34675
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34674
RESERVED
-   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
[bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74b3f2ef0fa0210f8d81c6aafd6cbffcc84e3950

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74b3f2ef0fa0210f8d81c6aafd6cbffcc84e3950
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-legacy-390xx issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cee63660 by Salvatore Bonaccorso at 2022-12-02T07:34:35+01:00
Add new nvidia-graphics-drivers-legacy-390xx issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14093,6 +14093,8 @@ CVE-2022-42260
 CVE-2022-42259
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -14106,6 +14108,8 @@ CVE-2022-42259
 CVE-2022-42258
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -14119,6 +14123,8 @@ CVE-2022-42258
 CVE-2022-42257
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34203,6 +34209,8 @@ CVE-2022-34681
 CVE-2022-34680
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34231,6 +34239,8 @@ CVE-2022-34678
 CVE-2022-34677
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34246,6 +34256,8 @@ CVE-2022-34676
 CVE-2022-34675
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34259,6 +34271,8 @@ CVE-2022-34675
 CVE-2022-34674
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
@@ -34278,6 +34292,8 @@ CVE-2022-34671
 CVE-2022-34670
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-legacy-390xx  (bug #1025281)
+   [bullseye] - nvidia-graphics-drivers-legacy-390xx  (Non-free 
not supported)
- nvidia-graphics-drivers-tesla-418  (bug #1025282)
[bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cee6366056d7fc8b1bf5a7c97300570b1bfc9401

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cee6366056d7fc8b1bf5a7c97300570b1bfc9401
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla-418 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c71d55f7 by Salvatore Bonaccorso at 2022-12-02T07:15:21+01:00
Add new nvidia-graphics-drivers-tesla-418 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14028,6 +14028,8 @@ CVE-2022-42265
 CVE-2022-42264
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14039,6 +14041,8 @@ CVE-2022-42264
 CVE-2022-42263
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14050,6 +14054,8 @@ CVE-2022-42263
 CVE-2022-42262
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14061,6 +14067,8 @@ CVE-2022-42262
 CVE-2022-42261
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14072,6 +14080,8 @@ CVE-2022-42261
 CVE-2022-42260
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14083,6 +14093,8 @@ CVE-2022-42260
 CVE-2022-42259
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14094,6 +14106,8 @@ CVE-2022-42259
 CVE-2022-42258
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14105,6 +14119,8 @@ CVE-2022-42258
 CVE-2022-42257
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14116,6 +14132,8 @@ CVE-2022-42257
 CVE-2022-42256
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-450  (bug #1025283)
[bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
@@ -14127,6 +14145,8 @@ CVE-2022-42256
 CVE-2022-42255
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-418  (bug #1025282)
+   [bullseye] - nvidia-graphics-drivers-tesla-418  (Non-free not 
supported)

[Git][security-tracker-team/security-tracker][master] Drop another uneeded note

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9308f733 by Salvatore Bonaccorso at 2022-12-02T07:10:28+01:00
Drop another uneeded note

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -34158,7 +34158,6 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information 
Disclosure Vulnerability. Thi
 CVE-2022-34684
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
-   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9308f733e70d8bd3494b823c5153a0fa379d796c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9308f733e70d8bd3494b823c5153a0fa379d796c
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Remove one entry for nvidia-graphics-drivers-tesla-460

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
865afba3 by Salvatore Bonaccorso at 2022-12-02T07:08:42+01:00
Remove one entry for nvidia-graphics-drivers-tesla-460

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -34158,8 +34158,6 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information 
Disclosure Vulnerability. Thi
 CVE-2022-34684
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
-   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
-   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865afba344c5d24336136a5474a3c707f55e8d30

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/865afba344c5d24336136a5474a3c707f55e8d30
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla-450 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d02999f8 by Salvatore Bonaccorso at 2022-12-02T07:07:13+01:00
Add new nvidia-graphics-drivers-tesla-450 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14028,6 +14028,8 @@ CVE-2022-42265
 CVE-2022-42264
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14037,6 +14039,8 @@ CVE-2022-42264
 CVE-2022-42263
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14046,6 +14050,8 @@ CVE-2022-42263
 CVE-2022-42262
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14055,6 +14061,8 @@ CVE-2022-42262
 CVE-2022-42261
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14064,6 +14072,8 @@ CVE-2022-42261
 CVE-2022-42260
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14073,6 +14083,8 @@ CVE-2022-42260
 CVE-2022-42259
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14082,6 +14094,8 @@ CVE-2022-42259
 CVE-2022-42258
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14091,6 +14105,8 @@ CVE-2022-42258
 CVE-2022-42257
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
[bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
@@ -14100,6 +14116,8 @@ CVE-2022-42257
 CVE-2022-42256
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-450  (bug #1025283)
+   [bullseye] - nvidia-graphics-drivers-tesla-450  (Non-free not 
supported)
- 

[Git][security-tracker-team/security-tracker][master] Add nvidia-graphics-drivers-tesla-460 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
391ad99b by Salvatore Bonaccorso at 2022-12-02T07:02:44+01:00
Add nvidia-graphics-drivers-tesla-460 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14028,66 +14028,99 @@ CVE-2022-42265
 CVE-2022-42264
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42263
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42262
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42261
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42260
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42259
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42258
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42257
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1025284)
+   [bullseye] - nvidia-graphics-drivers-tesla-460  (Non-free not 
supported)
+   NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
 - nvidia-graphics-drivers-tesla-470  (bug #1025285)
 [bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42256
RESERVED
- 

[Git][security-tracker-team/security-tracker][master] Add nvidia-graphics-drivers-tesla-470 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7475950b by Salvatore Bonaccorso at 2022-12-02T06:57:44+01:00
Add nvidia-graphics-drivers-tesla-470 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14028,46 +14028,68 @@ CVE-2022-42265
 CVE-2022-42264
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42263
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42262
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42261
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42260
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42259
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42258
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42257
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42256
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42255
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42254
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42253
RESERVED
@@ -34083,38 +34105,52 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information 
Disclosure Vulnerability. Thi
 CVE-2022-34684
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34683
RESERVED
 CVE-2022-34682
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34681
RESERVED
 CVE-2022-34680
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34679
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+- nvidia-graphics-drivers-tesla-470  (bug #1025285)
+[bullseye] - nvidia-graphics-drivers-tesla-470  (Non-free not 
supported)
- nvidia-graphics-drivers-tesla-510  (bug 

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla-510 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3cbdb3d2 by Salvatore Bonaccorso at 2022-12-02T06:53:43+01:00
Add new nvidia-graphics-drivers-tesla-510 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14028,36 +14028,47 @@ CVE-2022-42265
 CVE-2022-42264
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42263
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42262
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42261
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42260
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42259
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42258
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42257
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42256
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42255
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42254
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-42253
RESERVED
 CVE-2022-42252 (If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 
10.0.0-M1 to 10. ...)
@@ -34072,32 +34083,39 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information 
Disclosure Vulnerability. Thi
 CVE-2022-34684
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34683
RESERVED
 CVE-2022-34682
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34681
RESERVED
 CVE-2022-34680
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34679
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34678
RESERVED
 CVE-2022-34677
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34676
RESERVED
 CVE-2022-34675
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34674
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34673
RESERVED
 CVE-2022-34672
@@ -34107,6 +34125,7 @@ CVE-2022-34671
 CVE-2022-34670
RESERVED
- nvidia-graphics-drivers-tesla  (bug #1025287)
+   - nvidia-graphics-drivers-tesla-510  (bug #1025286)
 CVE-2022-34669
RESERVED
 CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability 
that deseri ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cbdb3d244d7711a44ab52c6d24dc725bfad4f01

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3cbdb3d244d7711a44ab52c6d24dc725bfad4f01
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add new nvidia-graphics-drivers-tesla issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9ff5f614 by Salvatore Bonaccorso at 2022-12-02T06:48:25+01:00
Add new nvidia-graphics-drivers-tesla issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -14027,26 +14027,37 @@ CVE-2022-42265
RESERVED
 CVE-2022-42264
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42263
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42262
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42261
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42260
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42259
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42258
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42257
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42256
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42255
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42254
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-42253
RESERVED
 CVE-2022-42252 (If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 
10.0.0-M1 to 10. ...)
@@ -34060,26 +34071,33 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information 
Disclosure Vulnerability. Thi
NOT-FOR-US: Microsoft
 CVE-2022-34684
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34683
RESERVED
 CVE-2022-34682
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34681
RESERVED
 CVE-2022-34680
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34679
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34678
RESERVED
 CVE-2022-34677
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34676
RESERVED
 CVE-2022-34675
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34674
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34673
RESERVED
 CVE-2022-34672
@@ -34088,6 +34106,7 @@ CVE-2022-34671
RESERVED
 CVE-2022-34670
RESERVED
+   - nvidia-graphics-drivers-tesla  (bug #1025287)
 CVE-2022-34669
RESERVED
 CVE-2022-34668 (NVFLARE, versions prior to 2.1.4, contains a vulnerability 
that deseri ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ff5f61427852cb9caff6917d687178414cf287a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ff5f61427852cb9caff6917d687178414cf287a
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Mark CVE-2022-22984 as NFU

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b359f461 by Salvatore Bonaccorso at 2022-12-02T06:31:21+01:00
Mark CVE-2022-22984 as NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -59277,7 +59277,7 @@ CVE-2022-23812 (This affects the package node-ipc from 
10.1.1 and before 10.1.3.
 CVE-2022-23811
RESERVED
 CVE-2022-22984 (The package snyk before 1.1064.0; the package snyk-mvn-plugin 
before 2 ...)
-   TODO: check
+   NOT-FOR-US: Snyk
 CVE-2022-22143 (The package convict before 6.2.2 are vulnerable to Prototype 
Pollution ...)
NOT-FOR-US: Node convict
 CVE-2022-22138 (All versions of package fast-string-search are vulnerable to 
Denial of ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b359f461eba68403d33a87cb02ad3b3db5b591af

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b359f461eba68403d33a87cb02ad3b3db5b591af
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add CVE-2022-1471/snakeyaml

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9560e130 by Salvatore Bonaccorso at 2022-12-02T06:28:06+01:00
Add CVE-2022-1471/snakeyaml

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -47915,7 +47915,8 @@ CVE-2022-1473 (The OPENSSL_LH_flush() function, which 
empties a hash table, cont
 CVE-2022-1472 (The Better Find and Replace WordPress plugin before 1.3.6 does 
not pro ...)
NOT-FOR-US: WordPress plugin
 CVE-2022-1471 (SnakeYaml's Constructor() class does not restrict types which 
can be i ...)
-   TODO: check
+   - snakeyaml 
+   NOTE: 
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
 CVE-2022-1470 (The Ultimate WooCommerce CSV Importer WordPress plugin through 
2.0 doe ...)
NOT-FOR-US: WordPress plugin
 CVE-2022-1469 (The FiboSearch WordPress plugin before 1.17.0 does not sanitise 
and es ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9560e1307da4f502d39ab801306afc3d809cdead

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9560e1307da4f502d39ab801306afc3d809cdead
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-4520{2,4} (gpac) as end-of-life

[Anton Gladky (@gladk)]

Anton Gladky pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
addabc15 by Anton Gladky at 2022-12-01T22:44:19+01:00
Mark CVE-2022-4520{2,4} (gpac) as end-of-life

- - - - -
bf924387 by Anton Gladky at 2022-12-01T23:00:50+01:00
LTS: add vlc to dla-needed.txt

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=
data/CVE/list
=
@@ -3400,6 +3400,7 @@ CVE-2022-45205 (Jeecg-boot v3.4.3 was discovered to 
contain a SQL injection vuln
NOT-FOR-US: Jeecg-boot
 CVE-2022-45204 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to 
contain a mem ...)
- gpac 
+   [buster] - gpac  (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2307
NOTE: Introduced by: 
https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da
NOTE: Fixed by: 
https://github.com/gpac/gpac/commit/f045be5809808d64ebf8ce5ab628fa55786bea4f
@@ -3408,6 +3409,7 @@ CVE-2022-45203
RESERVED
 CVE-2022-45202 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to 
contain a sta ...)
- gpac 
+   [buster] - gpac  (EOL in buster LTS)
NOTE: https://github.com/gpac/gpac/issues/2296
NOTE: https://github.com/gpac/gpac/issues/2296#issuecomment-1303112783
NOTE: Fixed by: 
https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da


=
data/dla-needed.txt
=
@@ -349,6 +349,12 @@ vim
 virglrenderer (Thorsten Alteholz)
   NOTE: 20221009: Programming language: C.
 --
+vlc
+  NOTE: 20221201: Programming language: C.
+  NOTE: 20221201: VCS: https://salsa.debian.org/lts-team/packages/vlc.git
+  NOTE: 20221201: Please try to find a real patch for CVE-2022-41325 (gladk).
+  NOTE: 20221201: Backporting of a new version would be not the best idea. 
(gladk).
+--
 xdg-utils
   NOTE: 20221120: Programming language: C.
   NOTE: 20221120: no real fix yet



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f...bf92438714cc73a1ee0a63b7ac891069f0b7181d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f...bf92438714cc73a1ee0a63b7ac891069f0b7181d
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add CVE-2022-3933{1,2,3,4}/nextcloud-desktop

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
58a84f5c by Salvatore Bonaccorso at 2022-12-01T21:54:33+01:00
Add CVE-2022-3933{1,2,3,4}/nextcloud-desktop

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -21088,13 +21088,25 @@ CVE-2022-39336
 CVE-2022-39335
RESERVED
 CVE-2022-39334 (Nextcloud desktop is the desktop sync client for Nextcloud. 
Versions p ...)
-   TODO: check
+   - nextcloud-desktop 3.6.1-1
+   NOTE: 
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-82xx-98xv-4jxv
+   NOTE: https://github.com/nextcloud/desktop/issues/4927
+   NOTE: https://github.com/nextcloud/desktop/pull/5022
 CVE-2022-39333 (Nexcloud desktop is the Desktop sync client for Nextcloud. An 
attacker ...)
-   TODO: check
+   - nextcloud-desktop 3.6.1-1
+   NOTE: 
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-92p9-x79h-2mj8
+   NOTE: https://github.com/nextcloud/desktop/pull/4972
+   NOTE: https://hackerone.com/reports/1711847
 CVE-2022-39332 (Nexcloud desktop is the Desktop sync client for Nextcloud. An 
attacker ...)
-   TODO: check
+   - nextcloud-desktop 3.6.1-1
+   NOTE: 
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-q9f6-4r6r-h74p
+   NOTE: https://github.com/nextcloud/desktop/pull/4972
+   NOTE: https://hackerone.com/reports/1668028
 CVE-2022-39331 (Nexcloud desktop is the Desktop sync client for Nextcloud. An 
attacker ...)
-   TODO: check
+   - nextcloud-desktop 3.6.1-1
+   NOTE: 
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-c3xh-q694-6rc5
+   NOTE: https://github.com/nextcloud/desktop/pull/4944
+   NOTE: https://hackerone.com/reports/1668028
 CVE-2022-39330 (Nextcloud Server is the file server software for Nextcloud, a 
self-hos ...)
- nextcloud-server  (bug #941708)
 CVE-2022-39329 (Nextcloud Server is the file server software for Nextcloud, a 
self-hos ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58a84f5ccca8fdf907d2ec4a6de0882a14033c9f
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process several NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d454788b by Salvatore Bonaccorso at 2022-12-01T21:44:26+01:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -107,7 +107,7 @@ CVE-2022-4259
 CVE-2022-4258
RESERVED
 CVE-2022-4257 (A vulnerability was found in C-DATA Web Management System. It 
has been ...)
-   TODO: check
+   NOT-FOR-US: C-DATA Web Management System
 CVE-2022-4256
RESERVED
 CVE-2022-4255
@@ -115,19 +115,19 @@ CVE-2022-4255
 CVE-2022-4254
RESERVED
 CVE-2022-4253 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2022-4252 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
-   TODO: check
+   NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2022-4251 (A vulnerability was found in Movie Ticket Booking System and 
classifie ...)
-   TODO: check
+   NOT-FOR-US: Movie Ticket Booking System
 CVE-2022-4250 (A vulnerability has been found in Movie Ticket Booking System 
and clas ...)
-   TODO: check
+   NOT-FOR-US: Movie Ticket Booking System
 CVE-2022-4249 (A vulnerability, which was classified as problematic, was found 
in Mov ...)
-   TODO: check
+   NOT-FOR-US: Movie Ticket Booking System
 CVE-2022-4248 (A vulnerability, which was classified as critical, has been 
found in M ...)
-   TODO: check
+   NOT-FOR-US: Movie Ticket Booking System
 CVE-2022-4247 (A vulnerability classified as critical was found in Movie 
Ticket Booki ...)
-   TODO: check
+   NOT-FOR-US: Movie Ticket Booking System
 CVE-2022-4246 (A vulnerability classified as problematic has been found in 
Kakao PotP ...)
TODO: check
 CVE-2022-46361
@@ -227,7 +227,7 @@ CVE-2022-4223
 CVE-2022-4222 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
NOT-FOR-US: SourceCodester Canteen Management System
 CVE-2022-4221 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-   TODO: check
+   NOT-FOR-US: Asus NAS-M25
 CVE-2022-4220
RESERVED
 CVE-2022-4219
@@ -1614,7 +1614,7 @@ CVE-2021-46854 (mod_radius in ProFTPD before 1.3.7c 
allows memory disclosure to
NOTE: Fixed by: 
https://github.com/proftpd/proftpd/commit/10a227b4d50e0a2cd2faf87926f58d865da44e43
 (v1.3.8rc2)
NOTE: Fixed by: 
https://github.com/proftpd/proftpd/commit/e7c0b6e78a81fa97ec41ea6332e5e11b864089b8
 (v1.3.7c)
 CVE-2022-45797 (An arbitrary file deletion vulnerability in the Damage Cleanup 
Engine  ...)
-   TODO: check
+   NOT-FOR-US: Trend Micro
 CVE-2022-45796
RESERVED
 CVE-2022-45795
@@ -3961,7 +3961,7 @@ CVE-2022-45052
 CVE-2022-45051
RESERVED
 CVE-2022-45050 (A reflected XSS vulnerability has been found in Axiell Iguana 
CMS, all ...)
-   TODO: check
+   NOT-FOR-US: Axiell Iguana CMS
 CVE-2022-45049
RESERVED
 CVE-2022-45048
@@ -7490,7 +7490,7 @@ CVE-2022-44039
 CVE-2022-44038 (Russound XSourcePlayer 777D v06.08.03 was discovered to 
contain a remo ...)
NOT-FOR-US: Russound XSourcePlayer 777D
 CVE-2022-44037 (An access control issue in APsystems ENERGY COMMUNICATION UNIT 
(ECU-C) ...)
-   TODO: check
+   NOT-FOR-US: APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control 
Software
 CVE-2022-44036
RESERVED
 CVE-2022-44035
@@ -9531,15 +9531,15 @@ CVE-2022-43934
 CVE-2022-43933
RESERVED
 CVE-2022-3713 (A code injection vulnerability allows adjacent attackers to 
execute co ...)
-   TODO: check
+   NOT-FOR-US: Sophos
 CVE-2022-3712
RESERVED
 CVE-2022-3711 (A post-auth read-only SQL injection vulnerability allows users 
to read ...)
-   TODO: check
+   NOT-FOR-US: Sophos
 CVE-2022-3710 (A post-auth read-only SQL injection vulnerability allows API 
clients t ...)
-   TODO: check
+   NOT-FOR-US: Sophos
 CVE-2022-3709 (A stored XSS vulnerability allows admin to super-admin 
privilege escal ...)
-   TODO: check
+   NOT-FOR-US: Sophos
 CVE-2022-3708 (The Web Stories plugin for WordPress is vulnerable to 
Server-Side Requ ...)
NOT-FOR-US: Web Stories plugin for WordPress
 CVE-2022-3707
@@ -9612,9 +9612,9 @@ CVE-2022-43903
 CVE-2022-43902
RESERVED
 CVE-2022-43901 (IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 
1.4.3 coul ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-43900 (IBM WebSphere Automation for IBM Cloud Pak for Watson AIOps 
1.4.2 coul ...)
-   TODO: check
+   NOT-FOR-US: IBM
 CVE-2022-43899
RESERVED
 CVE-2022-43898
@@ -9919,7 +9919,7 @@ CVE-2022-3697 (A flaw was found in Ansible in the 
amazon.aws collection when usi
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2137664
NOTE: 

[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-44577

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f3638f69 by Salvatore Bonaccorso at 2022-12-01T21:22:20+01:00
Remove notes from CVE-2022-44577

CVE got rejected as further investigation showed that there is no
security issue.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -6285,7 +6285,6 @@ CVE-2022-44578
RESERVED
 CVE-2022-44577
REJECTED
-   NOT-FOR-US: WordPress plugin
 CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Agen ...)
NOT-FOR-US: WordPress plugin
 CVE-2022-44575



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3638f696e1e0ccee8ec9caef3c0301b2a29b1e5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3638f696e1e0ccee8ec9caef3c0301b2a29b1e5
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add CVE-2022-4520{2,4}/gpac

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2043ce6f by Salvatore Bonaccorso at 2022-12-01T21:14:08+01:00
Add CVE-2022-4520{2,4}/gpac

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -3399,11 +3399,18 @@ CVE-2022-45206 (Jeecg-boot v3.4.3 was discovered to 
contain a SQL injection vuln
 CVE-2022-45205 (Jeecg-boot v3.4.3 was discovered to contain a SQL injection 
vulnerabil ...)
NOT-FOR-US: Jeecg-boot
 CVE-2022-45204 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to 
contain a mem ...)
-   TODO: check
+   - gpac 
+   NOTE: https://github.com/gpac/gpac/issues/2307
+   NOTE: Introduced by: 
https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da
+   NOTE: Fixed by: 
https://github.com/gpac/gpac/commit/f045be5809808d64ebf8ce5ab628fa55786bea4f
+   TODO: double check, but introducing commit is the fix for CVE-2022-45202
 CVE-2022-45203
RESERVED
 CVE-2022-45202 (GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to 
contain a sta ...)
-   TODO: check
+   - gpac 
+   NOTE: https://github.com/gpac/gpac/issues/2296
+   NOTE: https://github.com/gpac/gpac/issues/2296#issuecomment-1303112783
+   NOTE: Fixed by: 
https://github.com/gpac/gpac/commit/74e53280dad7b29f85386c6a1286fb92643465da
 CVE-2022-45201
RESERVED
 CVE-2022-45200



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2043ce6f832c953c32d40b5e166d932a85dfa7a2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2043ce6f832c953c32d40b5e166d932a85dfa7a2
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0541db70 by security tracker role at 2022-12-01T20:10:26+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,135 @@
+CVE-2023-21573
+   RESERVED
+CVE-2023-21572
+   RESERVED
+CVE-2023-21571
+   RESERVED
+CVE-2023-21570
+   RESERVED
+CVE-2023-21569
+   RESERVED
+CVE-2023-21568
+   RESERVED
+CVE-2023-21567
+   RESERVED
+CVE-2023-21566
+   RESERVED
+CVE-2023-21565
+   RESERVED
+CVE-2023-21564
+   RESERVED
+CVE-2023-21563
+   RESERVED
+CVE-2023-21562
+   RESERVED
+CVE-2023-21561
+   RESERVED
+CVE-2023-21560
+   RESERVED
+CVE-2023-21559
+   RESERVED
+CVE-2023-21558
+   RESERVED
+CVE-2023-21557
+   RESERVED
+CVE-2023-21556
+   RESERVED
+CVE-2023-21555
+   RESERVED
+CVE-2023-21554
+   RESERVED
+CVE-2023-21553
+   RESERVED
+CVE-2023-21552
+   RESERVED
+CVE-2023-21551
+   RESERVED
+CVE-2023-21550
+   RESERVED
+CVE-2023-21549
+   RESERVED
+CVE-2023-21548
+   RESERVED
+CVE-2023-21547
+   RESERVED
+CVE-2023-21546
+   RESERVED
+CVE-2023-21545
+   RESERVED
+CVE-2023-21544
+   RESERVED
+CVE-2023-21543
+   RESERVED
+CVE-2023-21542
+   RESERVED
+CVE-2023-21541
+   RESERVED
+CVE-2023-21540
+   RESERVED
+CVE-2023-21539
+   RESERVED
+CVE-2023-21538
+   RESERVED
+CVE-2023-21537
+   RESERVED
+CVE-2023-21536
+   RESERVED
+CVE-2023-21535
+   RESERVED
+CVE-2023-21534
+   RESERVED
+CVE-2023-21533
+   RESERVED
+CVE-2023-21532
+   RESERVED
+CVE-2023-21531
+   RESERVED
+CVE-2023-21530
+   RESERVED
+CVE-2023-21529
+   RESERVED
+CVE-2023-21528
+   RESERVED
+CVE-2023-21527
+   RESERVED
+CVE-2023-21526
+   RESERVED
+CVE-2023-21525
+   RESERVED
+CVE-2023-21524
+   RESERVED
+CVE-2022-4261
+   RESERVED
+CVE-2022-4260
+   RESERVED
+CVE-2022-4259
+   RESERVED
+CVE-2022-4258
+   RESERVED
+CVE-2022-4257 (A vulnerability was found in C-DATA Web Management System. It 
has been ...)
+   TODO: check
+CVE-2022-4256
+   RESERVED
+CVE-2022-4255
+   RESERVED
+CVE-2022-4254
+   RESERVED
+CVE-2022-4253 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
+   TODO: check
+CVE-2022-4252 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
+   TODO: check
+CVE-2022-4251 (A vulnerability was found in Movie Ticket Booking System and 
classifie ...)
+   TODO: check
+CVE-2022-4250 (A vulnerability has been found in Movie Ticket Booking System 
and clas ...)
+   TODO: check
+CVE-2022-4249 (A vulnerability, which was classified as problematic, was found 
in Mov ...)
+   TODO: check
+CVE-2022-4248 (A vulnerability, which was classified as critical, has been 
found in M ...)
+   TODO: check
+CVE-2022-4247 (A vulnerability classified as critical was found in Movie 
Ticket Booki ...)
+   TODO: check
+CVE-2022-4246 (A vulnerability classified as problematic has been found in 
Kakao PotP ...)
+   TODO: check
 CVE-2022-46361
RESERVED
 CVE-2022-43485
@@ -94,8 +226,8 @@ CVE-2022-4223
RESERVED
 CVE-2022-4222 (A vulnerability was found in SourceCodester Canteen Management 
System. ...)
NOT-FOR-US: SourceCodester Canteen Management System
-CVE-2022-4221
-   RESERVED
+CVE-2022-4221 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
+   TODO: check
 CVE-2022-4220
RESERVED
 CVE-2022-4219
@@ -1481,8 +1613,8 @@ CVE-2021-46854 (mod_radius in ProFTPD before 1.3.7c 
allows memory disclosure to
NOTE: https://github.com/proftpd/proftpd/pull/1285
NOTE: Fixed by: 
https://github.com/proftpd/proftpd/commit/10a227b4d50e0a2cd2faf87926f58d865da44e43
 (v1.3.8rc2)
NOTE: Fixed by: 
https://github.com/proftpd/proftpd/commit/e7c0b6e78a81fa97ec41ea6332e5e11b864089b8
 (v1.3.7c)
-CVE-2022-45797
-   RESERVED
+CVE-2022-45797 (An arbitrary file deletion vulnerability in the Damage Cleanup 
Engine  ...)
+   TODO: check
 CVE-2022-45796
RESERVED
 CVE-2022-45795
@@ -3821,8 +3953,8 @@ CVE-2022-45052
RESERVED
 CVE-2022-45051
RESERVED
-CVE-2022-45050
-   RESERVED
+CVE-2022-45050 (A reflected XSS vulnerability has been found in Axiell Iguana 
CMS, all ...)
+   TODO: check
 CVE-2022-45049
RESERVED
 CVE-2022-45048
@@ -6144,7 +6276,8 @@ CVE-2022-44579
RESERVED
 CVE-2022-44578
RESERVED
-CVE-2022-44577 (This CVE ID has been rejected or withdrawn by its CVE 
Numbering Author ...)
+CVE-2022-44577
+   REJECTED
NOT-FOR-US: WordPress plugin
 CVE-2022-44576 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Agen ...)
NOT-FOR-US: WordPress plugin
@@ -9391,16 +9524,16 @@ CVE-2022-43934

[Git][security-tracker-team/security-tracker][master] Mark zorp as removed from every supported suite

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
759d1a75 by Salvatore Bonaccorso at 2022-12-01T21:04:24+01:00
Mark zorp as removed from every supported suite

- - - - -


1 changed file:

- data/packages/removed-packages


Changes:

=
data/packages/removed-packages
=
@@ -927,3 +927,4 @@ yarssr
 zonecheck
 postgresql-14
 ember
+zorp



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/759d1a75a6860b4503e40b0929f81e83262002c8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/759d1a75a6860b4503e40b0929f81e83262002c8
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-3328/snapd

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d03012a1 by Salvatore Bonaccorso at 2022-12-01T20:48:22+01:00
Track fixed version via unstable for CVE-2022-3328/snapd

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -15608,7 +15608,7 @@ CVE-2022-38099 (Improper input validation in BIOS 
firmware for some Intel(R) NUC
NOT-FOR-US: Intel
 CVE-2022-3328
RESERVED
-   - snapd 
+   - snapd 2.57.6-1
NOTE: 
https://github.com/snapcore/snapd/commit/6226cdc57052f4b7057d92f2e549aa169e35cd2d
 (2.57.6)
NOTE: 
https://github.com/snapcore/snapd/commit/21ebc51f00b8a1417888faa2e83a372fd29d0f5e
 (2.57.6)
NOTE: 
https://github.com/snapcore/snapd/commit/d9d8c2f6f6c0310bd10e3061030e8bf9e9e49949
 (2.57.6)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03012a11ac619c5093b6fb00e9c1636b671823f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d03012a11ac619c5093b6fb00e9c1636b671823f
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new thunderbird issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
44c6425b by Moritz Muehlenhoff at 2022-12-01T19:44:43+01:00
new thunderbird issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -2778,6 +2778,9 @@ CVE-2022-45415
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-47/#CVE-2022-45415
 CVE-2022-45414
RESERVED
+   - thunderbird 
+   [bullseye] - thunderbird  (Minor issue, fix along in next 
ESR update)
+   NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-50/#CVE-2022-45414
 CVE-2022-45413
RESERVED
- firefox  (Android-specific)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c6425bc2d4003552cfad00617c87d41daab565

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c6425bc2d4003552cfad00617c87d41daab565
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] snapd DSA

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
167fdfa4 by Moritz Mühlenhoff at 2022-12-01T19:33:06+01:00
snapd DSA

- - - - -


1 changed file:

- data/DSA/list


Changes:

=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[01 Dec 2022] DSA-5292-1 snapd - security update
+   {CVE-2022-3328}
+   [bullseye] - snapd 2.49-1+deb11u2
 [28 Nov 2022] DSA-5291-1 mujs - security update
{CVE-2022-30974 CVE-2022-30975 CVE-2022-44789}
[bullseye] - mujs 1.1.0-1+deb11u2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/167fdfa4076e3f17ee4090c15a1c1504ccf6d600

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/167fdfa4076e3f17ee4090c15a1c1504ccf6d600
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-4139/linux

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ce60b085 by Salvatore Bonaccorso at 2022-12-01T16:29:01+01:00
Update status for CVE-2022-4139/linux

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1201,6 +1201,7 @@ CVE-2022-4140
 CVE-2022-4139
RESERVED
- linux 6.0.10-2
+   [buster] - linux  (Vulnerable code not present, only 
affects gen12 video and compute engines)
NOTE: https://www.openwall.com/lists/oss-security/2022/11/30/1
NOTE: 
https://git.kernel.org/linus/04aa64375f48a5d430b5550d9271f8428883e550
 CVE-2022-45897



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce60b085c5d183686264a6bb7012991ca2db12e9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce60b085c5d183686264a6bb7012991ca2db12e9
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e5f2fc2b by Salvatore Bonaccorso at 2022-12-01T16:18:45+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -580,7 +580,7 @@ CVE-2022-46164
 CVE-2022-46163
RESERVED
 CVE-2022-46162 (discourse-bbcode is the official BBCode plugin for Discourse. 
Prior to ...)
-   TODO: check
+   NOT-FOR-US: BBCode plugin for Discourse
 CVE-2022-46161
RESERVED
 CVE-2022-46160
@@ -1352,7 +1352,7 @@ CVE-2022-45844
 CVE-2022-45843
RESERVED
 CVE-2022-45842 (Unauth. Race Condition vulnerability in WP ULike Plugin = 
4.6.4 on ...)
-   TODO: check
+   NOT-FOR-US: WordPress plugin
 CVE-2022-45841
RESERVED
 CVE-2022-45840
@@ -3846,7 +3846,7 @@ CVE-2022-3892
 CVE-2022-3891
RESERVED
 CVE-2022-45045 (Multiple Xiongmai NVR devices, including MBD6304T 
V4.02.R11.0117.1 ...)
-   TODO: check
+   NOT-FOR-US: Xiongmai
 CVE-2022-3890 (Heap buffer overflow in Crashpad in Google Chrome on Android 
prior to  ...)
{DSA-5275-1}
- chromium 107.0.5304.110-1
@@ -4648,7 +4648,7 @@ CVE-2022-3861 (The Betheme theme for WordPress is 
vulnerable to PHP Object Injec
 CVE-2022-3860
RESERVED
 CVE-2022-3859 (An uncontrolled search path vulnerability exists in Trellix 
Agent (TA) ...)
-   TODO: check
+   NOT-FOR-US: Trellix
 CVE-2022-3858
RESERVED
 CVE-2022-3857 [Null pointer dereference leads to segmentation fault]
@@ -6287,9 +6287,9 @@ CVE-2022-44535
 CVE-2022-44534
RESERVED
 CVE-2022-44533 (A vulnerability in the Aruba EdgeConnect Enterprise web 
management int ...)
-   TODO: check
+   NOT-FOR-US: Aruba
 CVE-2022-44532 (An authenticated path traversal vulnerability exists in the 
Aruba Edge ...)
-   TODO: check
+   NOT-FOR-US: Aruba
 CVE-2022-3785 (A vulnerability, which was classified as critical, has been 
found in A ...)
NOT-FOR-US: Bento4
 CVE-2022-3784 (A vulnerability classified as critical was found in Axiomatic 
Bento4 5 ...)
@@ -6829,11 +6829,11 @@ CVE-2022-44298
 CVE-2022-44297
RESERVED
 CVE-2022-44296 (Sanitization Management System v1.0 is vulnerable to SQL 
Injection via ...)
-   TODO: check
+   NOT-FOR-US: Sanitization Management System
 CVE-2022-44295 (Sanitization Management System v1.0 is vulnerable to SQL 
Injection via ...)
-   TODO: check
+   NOT-FOR-US: Sanitization Management System
 CVE-2022-44294 (Sanitization Management System v1.0 is vulnerable to SQL 
Injection via ...)
-   TODO: check
+   NOT-FOR-US: Sanitization Management System
 CVE-2022-44293
RESERVED
 CVE-2022-44292
@@ -7119,7 +7119,7 @@ CVE-2022-44153
 CVE-2022-44152
RESERVED
 CVE-2022-44151 (Simple Inventory Management System v1.0 is vulnerable to SQL 
Injection ...)
-   TODO: check
+   NOT-FOR-US: Simple Inventory Management System
 CVE-2022-44150
RESERVED
 CVE-2022-44149
@@ -7149,7 +7149,7 @@ CVE-2022-44138
 CVE-2022-44137
RESERVED
 CVE-2022-44136 (Zenario CMS 9.3.57186 is vulnerable to Remote Code Excution 
(RCE). ...)
-   TODO: check
+   NOT-FOR-US: Zenario CMS
 CVE-2022-44135
RESERVED
 CVE-2022-44134
@@ -10375,9 +10375,9 @@ CVE-2022-43546 (A vulnerability has been identified in 
POWER METER SICAM Q100 (A
 CVE-2022-43545 (A vulnerability has been identified in POWER METER SICAM Q100 
(All ver ...)
NOT-FOR-US: Siemens
 CVE-2022-43542 (Vulnerabilities in the Aruba EdgeConnect Enterprise command 
line inter ...)
-   TODO: check
+   NOT-FOR-US: Aruba
 CVE-2022-43541 (Vulnerabilities in the Aruba EdgeConnect Enterprise command 
line inter ...)
-   TODO: check
+   NOT-FOR-US: Aruba
 CVE-2022-43540
RESERVED
 CVE-2022-43539
@@ -10423,7 +10423,7 @@ CVE-2022-43520
 CVE-2022-43519
RESERVED
 CVE-2022-43518 (An authenticated path traversal vulnerability exists in the 
Aruba Edge ...)
-   TODO: check
+   NOT-FOR-US: Aruba
 CVE-2022-43517
RESERVED
 CVE-2022-43516



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f2fc2ba07c835f4c8411b3722dd16661c85db0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5f2fc2ba07c835f4c8411b3722dd16661c85db0
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process one NFU

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fe33 by Salvatore Bonaccorso at 2022-12-01T16:15:04+01:00
Process one NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1833,7 +1833,7 @@ CVE-2022-45642
 CVE-2022-45641
RESERVED
 CVE-2022-45640 (Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer 
overflow. Cause ...)
-   TODO: check
+   NOT-FOR-US: Tenda
 CVE-2022-45639
RESERVED
 CVE-2022-45638



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe33aeba4f8f3b796e7593c61482b3076bfe

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe33aeba4f8f3b796e7593c61482b3076bfe
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new gitlab issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d551abbc by Moritz Muehlenhoff at 2022-12-01T11:44:16+01:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -180,8 +180,10 @@ CVE-2022-4207
RESERVED
 CVE-2022-4206
RESERVED
+   - gitlab 
 CVE-2022-4205
RESERVED
+   - gitlab 
 CVE-2022-4204
RESERVED
 CVE-2022-4203
@@ -276,6 +278,7 @@ CVE-2022-42489
RESERVED
 CVE-2022-4201
RESERVED
+   - gitlab 
 CVE-2022-4200
RESERVED
 CVE-2022-4199
@@ -2312,6 +2315,7 @@ CVE-2022-4055 (When xdg-mail is configured to use 
thunderbird for mailto URLs, i
NOTE: 
https://gitlab.freedesktop.org/xdg/xdg-utils/-/issues/205#note_1494267
 CVE-2022-4054
RESERVED
+   - gitlab 
 CVE-2022-45462 (Alarm instance management has command injection when there is 
a specif ...)
NOT-FOR-US: Apache DolphinScheduler
 CVE-2022-45461 (The Java Admin Console in Veritas NetBackup through 10.1 and 
related V ...)
@@ -3792,6 +3796,7 @@ CVE-2022-3903 (An incorrect read request flaw was found 
in the Infrared Transcei
[bullseye] - linux 5.10.148-1
 CVE-2022-3902
RESERVED
+   - gitlab 
 CVE-2022-3901
RESERVED
 CVE-2022-3900
@@ -5960,6 +5965,7 @@ CVE-2022-3821 (An off-by-one Error issue was discovered 
in Systemd in format_tim
NOTE: 
https://github.com/systemd/systemd-stable/commit/72d4c15a946d20143cd4c6783c802124bc894dc7
 (v251.3)
 CVE-2022-3820
RESERVED
+   - gitlab 
 CVE-2022-3819 (An improper authorization issue in GitLab CE/EE affecting all 
versions ...)
- gitlab 
 CVE-2022-3818 (An uncontrolled resource consumption issue when parsing URLs in 
GitLab ...)
@@ -7504,6 +7510,7 @@ CVE-2022-3741 (Impact varies for each individual 
vulnerability in the applicatio
NOT-FOR-US: chatwoot
 CVE-2022-3740
RESERVED
+   - gitlab 
 CVE-2022-3739
RESERVED
 CVE-2022-3738
@@ -10941,6 +10948,7 @@ CVE-2022-3573
RESERVED
 CVE-2022-3572
RESERVED
+   - gitlab 
 CVE-2022-3571
RESERVED
 CVE-2022-3570 (Multiple heap buffer overflows in tiffcrop.c utility in libtiff 
librar ...)
@@ -12264,6 +12272,7 @@ CVE-2022-3483 (An issue has been discovered in GitLab 
CE/EE affecting all versio
- gitlab 
 CVE-2022-3482
RESERVED
+   - gitlab 
 CVE-2022-3481 (The WooCommerce Dropshipping WordPress plugin before 4.4 does 
not prop ...)
NOT-FOR-US: WordPress plugin
 CVE-2022-3480 (A remote, unauthenticated attacker could cause a 
denial-of-service of  ...)
@@ -12311,6 +12320,7 @@ CVE-2022-42897 (Array Networks AG/vxAG with ArrayOS AG 
before 9.4.0.469 allows u
NOT-FOR-US: Array Networks
 CVE-2022-3478
RESERVED
+   - gitlab 
 CVE-2022-42906 (powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 
allows arbi ...)
- powerline-gitstatus 1.3.2-1
[bullseye] - powerline-gitstatus  (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d551abbc90988474a2ab82d071070a2964845928

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d551abbc90988474a2ab82d071070a2964845928
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new vlc issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dd1eb0da by Moritz Muehlenhoff at 2022-12-01T11:40:57+01:00
new vlc issue

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=
data/CVE/list
=
@@ -16224,6 +16224,9 @@ CVE-2022-41326 (The web conferencing component of Mitel 
MiCollab through 9.6.0.1
NOT-FOR-US: Mitel
 CVE-2022-41325
RESERVED
+   - vlc 3.0.18-1
+   NOTE: https://www.videolan.org/security/sb-vlc3018.html
+   NOTE: https://code.videolan.org/videolan/vlc/-/issues/27335
 CVE-2022-41324
RESERVED
 CVE-2022-41323 (In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 
4.1.2, i ...)


=
data/dsa-needed.txt
=
@@ -65,5 +65,7 @@ sox
 --
 tiff
 --
+vlc
+--
 xfce4-settings (corsac)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1eb0da04968eb4d89c625873aed2b45a00aa90

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1eb0da04968eb4d89c625873aed2b45a00aa90
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2022-4139/linux via unstable

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7a4a5c67 by Salvatore Bonaccorso at 2022-12-01T09:27:00+01:00
Track fixed version for CVE-2022-4139/linux via unstable

- - - - -
72815a4c by Salvatore Bonaccorso at 2022-12-01T09:28:44+01:00
Remove notes from CVE-2021-38577 (CVE was incorrectly assigned)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1197,7 +1197,7 @@ CVE-2022-4140
RESERVED
 CVE-2022-4139
RESERVED
-   - linux 
+   - linux 6.0.10-2
NOTE: https://www.openwall.com/lists/oss-security/2022/11/30/1
NOTE: 
https://git.kernel.org/linus/04aa64375f48a5d430b5550d9271f8428883e550
 CVE-2022-45897
@@ -96333,10 +96333,6 @@ CVE-2021-38578 (Existing CommBuffer checks in 
SmmEntryPoint will not catch under
NOTE: https://edk2.groups.io/g/devel/message/90516
 CVE-2021-38577
REJECTED
-   - edk2  (bug #1014468)
-   [bullseye] - edk2  (Minor issue)
-   [buster] - edk2  (Minor issue)
-   NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=3360 (private)
 CVE-2021-38576 (A BIOS bug in firmware for a particular PC model leaves the 
Platform a ...)
- edk2  (bug #1014468)
[bullseye] - edk2  (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4b0461025156e2baf3162e8c2678cb4c41a064ef...72815a4ce66b74c49c4a3298f5571e5a0f5afb3b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4b0461025156e2baf3162e8c2678cb4c41a064ef...72815a4ce66b74c49c4a3298f5571e5a0f5afb3b
You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4b046102 by security tracker role at 2022-12-01T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,19 @@
+CVE-2022-46361
+   RESERVED
+CVE-2022-43485
+   RESERVED
+CVE-2022-4245
+   RESERVED
+CVE-2022-4244
+   RESERVED
+CVE-2022-4243
+   RESERVED
+CVE-2022-4242
+   RESERVED
+CVE-2022-4241
+   RESERVED
+CVE-2022-4240
+   RESERVED
 CVE-2022-46359
RESERVED
 CVE-2022-46358
@@ -560,8 +576,8 @@ CVE-2022-46164
RESERVED
 CVE-2022-46163
RESERVED
-CVE-2022-46162
-   RESERVED
+CVE-2022-46162 (discourse-bbcode is the official BBCode plugin for Discourse. 
Prior to ...)
+   TODO: check
 CVE-2022-46161
RESERVED
 CVE-2022-46160
@@ -572,8 +588,8 @@ CVE-2022-46158
RESERVED
 CVE-2022-46157
RESERVED
-CVE-2022-46156
-   RESERVED
+CVE-2022-46156 (The Synthetic Monitoring Agent for Grafana's Synthetic 
Monitoring appl ...)
+   TODO: check
 CVE-2022-46155 (Airtable.js is the JavaScript client for Airtable. Prior to 
version 0. ...)
TODO: check
 CVE-2022-46154
@@ -1813,8 +1829,8 @@ CVE-2022-45642
RESERVED
 CVE-2022-45641
RESERVED
-CVE-2022-45640
-   RESERVED
+CVE-2022-45640 (Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer 
overflow. Cause ...)
+   TODO: check
 CVE-2022-45639
RESERVED
 CVE-2022-45638
@@ -3824,8 +3840,8 @@ CVE-2022-3892
RESERVED
 CVE-2022-3891
RESERVED
-CVE-2022-45045
-   RESERVED
+CVE-2022-45045 (Multiple Xiongmai NVR devices, including MBD6304T 
V4.02.R11.0117.1 ...)
+   TODO: check
 CVE-2022-3890 (Heap buffer overflow in Crashpad in Google Chrome on Android 
prior to  ...)
{DSA-5275-1}
- chromium 107.0.5304.110-1
@@ -6264,10 +6280,10 @@ CVE-2022-44535
RESERVED
 CVE-2022-44534
RESERVED
-CVE-2022-44533
-   RESERVED
-CVE-2022-44532
-   RESERVED
+CVE-2022-44533 (A vulnerability in the Aruba EdgeConnect Enterprise web 
management int ...)
+   TODO: check
+CVE-2022-44532 (An authenticated path traversal vulnerability exists in the 
Aruba Edge ...)
+   TODO: check
 CVE-2022-3785 (A vulnerability, which was classified as critical, has been 
found in A ...)
NOT-FOR-US: Bento4
 CVE-2022-3784 (A vulnerability classified as critical was found in Axiomatic 
Bento4 5 ...)
@@ -6874,8 +6890,8 @@ CVE-2022-44264
RESERVED
 CVE-2022-44263
RESERVED
-CVE-2022-44262
-   RESERVED
+CVE-2022-44262 (ff4j 1.8.1 is vulnerable to Remote Code Execution (RCE). ...)
+   TODO: check
 CVE-2022-44261
RESERVED
 CVE-2022-44260 (TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a 
post-authentication b ...)
@@ -10351,10 +10367,10 @@ CVE-2022-43546 (A vulnerability has been identified 
in POWER METER SICAM Q100 (A
NOT-FOR-US: Siemens
 CVE-2022-43545 (A vulnerability has been identified in POWER METER SICAM Q100 
(All ver ...)
NOT-FOR-US: Siemens
-CVE-2022-43542
-   RESERVED
-CVE-2022-43541
-   RESERVED
+CVE-2022-43542 (Vulnerabilities in the Aruba EdgeConnect Enterprise command 
line inter ...)
+   TODO: check
+CVE-2022-43541 (Vulnerabilities in the Aruba EdgeConnect Enterprise command 
line inter ...)
+   TODO: check
 CVE-2022-43540
RESERVED
 CVE-2022-43539
@@ -10399,8 +10415,8 @@ CVE-2022-43520
RESERVED
 CVE-2022-43519
RESERVED
-CVE-2022-43518
-   RESERVED
+CVE-2022-43518 (An authenticated path traversal vulnerability exists in the 
Aruba Edge ...)
+   TODO: check
 CVE-2022-43517
RESERVED
 CVE-2022-43516
@@ -13435,8 +13451,8 @@ CVE-2022-42448
RESERVED
 CVE-2022-42447
RESERVED
-CVE-2022-42446
-   RESERVED
+CVE-2022-42446 (Starting with Sametime 12, anonymous users are enabled by 
default. Aft ...)
+   TODO: check
 CVE-2022-42445 (HCL Launch could allow a user with administrative privileges, 
includin ...)
NOT-FOR-US: HCL
 CVE-2022-42444
@@ -14994,8 +15010,8 @@ CVE-2022-40965 (The affected product DIAEnergie 
(versions prior to v1.9.01.002)
NOT-FOR-US: DIAEnergie
 CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in 
AliveCor Ka ...)
NOT-FOR-US: AliveCor Kardia App
-CVE-2022-40204
-   RESERVED
+CVE-2022-40204 (A cross-site scripting (XSS) vulnerability exists in all 
current versi ...)
+   TODO: check
 CVE-2022-40202 (The database backup function in Delta Electronics InfraSuite 
Device Ma ...)
NOT-FOR-US: Delta Electronics
 CVE-2022-40201
@@ -17345,8 +17361,8 @@ CVE-2022-40851 (Tenda AC15 V15.03.05.19 contained a 
stack overflow via the funct
NOT-FOR-US: Tenda
 CVE-2022-40850
RESERVED
-CVE-2022-40849
-   RESERVED
+CVE-2022-40849 (ThinkCMF version 6.0.7 is affected by Stored Cross-Site