[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 23 May 2022 01:10:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f6fa7cda by security tracker role at 2022-05-23T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2022-30549
+       RESERVED
+CVE-2022-29524
+       RESERVED
+CVE-2022-29506
+       RESERVED
 CVE-2022-1813 (OS Command Injection in GitHub repository yogeshojha/rengine 
prior to  ...)
        TODO: check
 CVE-2022-1812
@@ -2437,6 +2443,7 @@ CVE-2022-1621 (Heap buffer overflow in vim_strncpy 
find_word in GitHub repositor
        NOTE: https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb
        NOTE: 
https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b 
(v8.2.4919)
 CVE-2018-25033 (ADMesh through 0.98.4 has a heap-based buffer over-read in 
stl_update_ ...)
+       {DLA-3019-1}
        - admesh 0.98.4-2 (bug #1010770)
        [bullseye] - admesh <no-dsa> (Minor issue; can be fixed via point 
release)
        [buster] - admesh <no-dsa> (Minor issue; can be fixed via point release)
@@ -3547,7 +3554,7 @@ CVE-2022-29918
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29918
 CVE-2022-29917
        RESERVED
-       {DSA-5141-1 DSA-5129-1 DLA-2994-1}
+       {DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
        - firefox 100.0-1
        - firefox-esr 91.9.0esr-1
        - thunderbird 1:91.9.0-1
@@ -3556,7 +3563,7 @@ CVE-2022-29917
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29917
 CVE-2022-29916
        RESERVED
-       {DSA-5141-1 DSA-5129-1 DLA-2994-1}
+       {DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
        - firefox 100.0-1
        - firefox-esr 91.9.0esr-1
        - thunderbird 1:91.9.0-1
@@ -3569,7 +3576,7 @@ CVE-2022-29915
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29915
 CVE-2022-29914
        RESERVED
-       {DSA-5141-1 DSA-5129-1 DLA-2994-1}
+       {DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
        - firefox 100.0-1
        - firefox-esr 91.9.0esr-1
        - thunderbird 1:91.9.0-1
@@ -3578,12 +3585,12 @@ CVE-2022-29914
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29914
 CVE-2022-29913
        RESERVED
-       {DSA-5141-1}
+       {DSA-5141-1 DLA-3020-1}
        - thunderbird 1:91.9.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29913
 CVE-2022-29912
        RESERVED
-       {DSA-5141-1 DSA-5129-1 DLA-2994-1}
+       {DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
        - firefox 100.0-1
        - firefox-esr 91.9.0esr-1
        - thunderbird 1:91.9.0-1
@@ -3592,7 +3599,7 @@ CVE-2022-29912
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29912
 CVE-2022-29911
        RESERVED
-       {DSA-5141-1 DSA-5129-1 DLA-2994-1}
+       {DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
        - firefox 100.0-1
        - firefox-esr 91.9.0esr-1
        - thunderbird 1:91.9.0-1
@@ -3605,7 +3612,7 @@ CVE-2022-29910
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29910
 CVE-2022-29909
        RESERVED
-       {DSA-5141-1 DSA-5129-1 DLA-2994-1}
+       {DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
        - firefox 100.0-1
        - firefox-esr 91.9.0esr-1
        - thunderbird 1:91.9.0-1
@@ -3767,7 +3774,7 @@ CVE-2022-1521
        RESERVED
 CVE-2022-1520
        RESERVED
-       {DSA-5141-1}
+       {DSA-5141-1 DLA-3020-1}
        - thunderbird 1:91.9.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-1520
 CVE-2022-1519
@@ -17309,8 +17316,8 @@ CVE-2021-45721
        RESERVED
 CVE-2021-45074 (JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to 
Broken A ...)
        NOT-FOR-US: JFrog Artifactory
-CVE-2021-41834
-       RESERVED
+CVE-2021-41834 (JFrog Artifactory prior to version 7.28.0 and 6.23.38, is 
vulnerable t ...)
+       TODO: check
 CVE-2021-23163
        RESERVED
 CVE-2022-25146 (The Remote App module in Liferay Portal through v7.4.3.8 and 
Liferay D ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fa7cda3b5459290f3ce71478193926953aa895

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fa7cda3b5459290f3ce71478193926953aa895
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to