Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
05d5d72c by Markus Koschany at 2022-12-25T22:15:49+01:00
CVE-2022-46393,mbedtls: buster and bullseye are not affected
Correct wrong entry CVE-2022-46393 <-> CVE-2022-46392
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5758,14 +5758,14 @@ CVE-2022-46395
CVE-2022-46394
RESERVED
CVE-2022-46393 (An issue was discovered in Mbed TLS before 2.28.2 and 3.x
before 3.3.0 ...)
- - mbedtls 2.28.2-1
- NOTE: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
-CVE-2022-46392 (An issue was discovered in Mbed TLS before 2.28.2 and 3.x
before 3.3.0 ...)
- mbedtls 2.28.2-1
[bullseye] - mbedtls <not-affected> (The vulnerable code was introduced
later)
[buster] - mbedtls <not-affected> (The vulnerable code was introduced
later)
NOTE: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
NOTE: Fixed by
https://github.com/Mbed-TLS/mbedtls/commit/f385fcebee017973cf4137333628a78248f1f443
+CVE-2022-46392 (An issue was discovered in Mbed TLS before 2.28.2 and 3.x
before 3.3.0 ...)
+ - mbedtls 2.28.2-1
+ NOTE: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
CVE-2022-46391 (AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due
to print ...)
{DLA-3225-1}
- awstats 7.8-3 (bug #1025410)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05d5d72cc2db5f09333c6b1d5f0bac4ff037c8a5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/05d5d72cc2db5f09333c6b1d5f0bac4ff037c8a5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
