Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7618c15d by Moritz Muehlenhoff at 2023-02-13T09:57:11+01:00 pspp no longer installs vulnerable tool - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -37341,15 +37341,17 @@ CVE-2022-39834 (A stored XSS vulnerability was discovered in adminweb/ra/viewend CVE-2022-39833 (FileCloud Versions 20.2 and later allows remote attackers to potential ...) NOT-FOR-US: FileCloud CVE-2022-39832 (An issue was discovered in PSPP 1.6.2. There is a heap-based buffer ov ...) - - pspp <unfixed> (bug #1019598) + - pspp 1.6.2-2 (bug #1019598) [bullseye] - pspp <no-dsa> (Minor issue) [buster] - pspp <no-dsa> (Minor issue) NOTE: https://savannah.gnu.org/bugs/index.php?63000 + NOTE: Starting with 1.6.2-2, pspp-dump-sav is no longer installed, using that as the fixed version CVE-2022-39831 (An issue was discovered in PSPP 1.6.2. There is a heap-based buffer ov ...) - - pspp <unfixed> (bug #1019597) + - pspp 1.6.2-2 (bug #1019597) [bullseye] - pspp <no-dsa> (Minor issue) [buster] - pspp <no-dsa> (Minor issue) NOTE: https://savannah.gnu.org/bugs/?62977 + NOTE: Starting with 1.6.2-2, pspp-dump-sav is no longer installed, using that as the fixed version CVE-2022-39830 (sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on th ...) NOT-FOR-US: Samsung mTower CVE-2022-39829 (There is a NULL pointer dereference in aes256_encrypt in Samsung mTowe ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7618c15dbbebf71d1f995c1cb519ff2cd4626ff3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7618c15dbbebf71d1f995c1cb519ff2cd4626ff3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits