Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 384c30ea by Salvatore Bonaccorso at 2022-12-02T13:14:47+01:00 Move RUSTSEC-2022-0068 entry for rust-capnp to CVE-2022-46149 As RUSTSEC-2022-0068 now mentions that the same CVE as used for src:capnproto . - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,7 +1,3 @@ -CVE-2022-XXXX [rust capnp: out-of-bounds read possible when setting list-of-pointers] - - rust-capnp <unfixed> - NOTE: https://github.com/capnproto/capnproto/blob/master/security-advisories/2022-11-30-0-pointer-list-bounds.md - NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0068.html CVE-2023-21623 RESERVED CVE-2023-21622 @@ -845,8 +841,11 @@ CVE-2022-46150 (Discourse is an open-source discussion platform. Prior to versio NOT-FOR-US: Discourse CVE-2022-46149 (Cap'n Proto is a data interchange format and remote procedure call (RP ...) - capnproto <unfixed> + - rust-capnp <unfixed> NOTE: https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hx NOTE: https://github.com/capnproto/capnproto/commit/25d34c67863fd960af34fc4f82a7ca3362ee74b9 + NOTE: https://github.com/capnproto/capnproto/blob/master/security-advisories/2022-11-30-0-pointer-list-bounds.md + NOTE: https://rustsec.org/advisories/RUSTSEC-2022-0068.html CVE-2022-46148 (Discourse is an open-source messaging platform. In versions 2.8.10 and ...) NOT-FOR-US: Discourse CVE-2022-46147 (Drag and Drop XBlock v2 implements a drag-and-drop style problem, wher ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/384c30ea59d5911aee4492fcc5f456cfd8c6a501 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/384c30ea59d5911aee4492fcc5f456cfd8c6a501 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits