Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6de00bfd by security tracker role at 2022-05-22T20:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2022-1813 (OS Command Injection in GitHub repository yogeshojha/rengine
prior to ...)
+ TODO: check
+CVE-2022-1812
+ RESERVED
+CVE-2022-1811
+ RESERVED
+CVE-2022-1810
+ RESERVED
CVE-2022-31269
RESERVED
CVE-2022-31268 (A Path Traversal vulnerability in Gitblit 1.9.3 can lead to
reading we ...)
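Review bot: CVE-2022-1813 goes in with only `TODO: check`, so it is still untriaged. The description names the GitHub repository yogeshojha/rengine; a follow-up should resolve it to either a package line or a `NOT-FOR-US:` line, in the same form as the Trudesk and livehelperchat entries further down this file.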
@@ -76,6 +84,7 @@ CVE-2022-1803 (Improper Restriction of Rendered UI Layers or
Frames in GitHub re
NOT-FOR-US: Trudesk
CVE-2022-1802
RESERVED
+ {DSA-5143-1}
- firefox 100.0.2-1
- firefox-esr 91.9.1esr-1
- thunderbird <unfixed>
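Review bot: the `{DSA-5143-1}` reference on CVE-2022-1802 sits directly above a `- thunderbird <unfixed>` line, so the entry is only partly resolved even though it now carries a DSA. Worth confirming that thunderbird is tracked for its own update, so the DSA tag is not read as closing the CVE for every source package listed here.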
@@ -3641,6 +3650,7 @@ CVE-2022-1530 (Cross-site Scripting (XSS) in GitHub
repository livehelperchat/li
NOT-FOR-US: livehelperchat
CVE-2022-1529
RESERVED
+ {DSA-5143-1}
- firefox 100.0.2-1
- firefox-esr 91.9.1esr-1
- thunderbird <unfixed>
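Review bot: CVE-2022-1529 is still `RESERVED` with no description, yet it now carries `{DSA-5143-1}` and fixed versions for firefox and firefox-esr. If the entry has no NOTE pointing at the upstream advisory, add one, so readers can tell what the DSA addresses before the CVE description is published.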
@@ -3874,7 +3884,7 @@ CVE-2022-29826
CVE-2022-29825
RESERVED
CVE-2022-29824 (In libxml2 before 2.9.14, several buffer handling functions in
buf.c ( ...)
- {DLA-3012-1}
+ {DSA-5142-1 DLA-3012-1}
- libxml2 2.9.14+dfsg-1 (bug #1010526)
NOTE:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
(v2.9.14)
NOTE:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
(master)
@@ -14641,7 +14651,7 @@ CVE-2021-4224
CVE-2022-26111 (The BeanShell components of IRISNext through 9.8.28 allow
execution of ...)
NOT-FOR-US: IRISNext
CVE-2022-26110 (An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x
before ...)
- {DLA-2984-1}
+ {DSA-5144-1 DLA-2984-1}
- condor <unfixed> (bug #1008634)
NOTE: https://htcondor.org/security/vulnerabilities/HTCONDOR-2022-0003
NOTE:
https://github.com/htcondor/htcondor/commit/1cae7601d796725e7f5dd73fedf37f6fbbe379ca
(V8_8_16)
@@ -157889,6 +157899,7 @@ CVE-2020-8861 (This vulnerability allows
network-adjacent attackers to bypass au
CVE-2020-8860 (This vulnerability allows remote attackers to execute arbitrary
code o ...)
NOT-FOR-US: Samsung Galaxy S10 Firmware
CVE-2020-8859 (This vulnerability allows remote attackers to create a
denial-of-servi ...)
+ {DLA-3014-1}
- elog <removed>
NOTE: https://elog.psi.ch/elogs/Forum/69114
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-252/
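Review bot: `{DLA-3014-1}` is added to CVE-2020-8859 (elog) in the same commit that removes it from CVE-2020-8659, and the two IDs differ by a single digit, so this looks like a correction of a mistyped reference. The commit message only says "automatic update"; the CVE list in the DLA-3014-1 announcement should be checked to confirm that 8859 is the intended ID.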
@@ -158385,7 +158396,6 @@ CVE-2020-8661 (CNCF Envoy through 1.13.0 may consume
excessive amounts of memory
CVE-2020-8660 (CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector
could ha ...)
- envoyproxy <itp> (bug #987544)
CVE-2020-8659 (CNCF Envoy through 1.13.0 may consume excessive amounts of
memory when ...)
- {DLA-3014-1}
- envoyproxy <itp> (bug #987544)
CVE-2020-8658 (The BestWebSoft Htaccess plugin through 1.8.1 for WordPress
allows wp- ...)
NOT-FOR-US: BestWebSoft Htaccess plugin for WordPress
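Review bot: removing `{DLA-3014-1}` from CVE-2020-8659 is consistent with the package line `- envoyproxy <itp> (bug #987544)`, since a package that is only an ITP cannot have received an LTS update. Check that no other record of DLA-3014-1 still lists CVE-2020-8659, otherwise the reference may reappear here on a later automatic update.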
@@ -179255,7 +179265,7 @@ CVE-2019-18825 (Barco ClickShare Huddle CS-100
devices before 1.9.0 and CSE-200
CVE-2019-18824 (Barco ClickShare Button R9861500D01 devices before 1.10.0.13
have Miss ...)
NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18823 (HTCondor up to and including stable series 8.8.6 and
development serie ...)
- {DLA-2724-1}
+ {DSA-5144-1 DLA-2724-1}
- condor <unfixed> (bug #963777)
NOTE:
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0003.html
NOTE:
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html
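Review bot: CVE-2019-18823 now carries `{DSA-5144-1 DLA-2724-1}` while the package line still reads `- condor <unfixed> (bug #963777)`, and the CVE-2022-26110 hunk above has the same pattern with bug #1008634. With both stable and LTS advisories recorded, unstable is the remaining unfixed suite for these two entries; both bugs should be followed up, and the `<unfixed>` markers replaced with a version once condor is fixed or removed there.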
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6de00bfd95cf07cdd2ccea1cad15afd7bc0e6d4f