[Git][security-tracker-team/security-tracker][master] Add upstream fix commit for CVE-2022-40716, CVE-2022-29153

Mon, 01 May 2023 06:05:09 -0700 


Abhijith PA pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fa087277 by Abhijith PA at 2023-05-01T18:33:01+05:30
Add upstream fix commit for CVE-2022-40716, CVE-2022-29153

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52649,6 +52649,7 @@ CVE-2022-40717 (This vulnerability allows 
network-adjacent attackers to execute
 CVE-2022-40716 (HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, 
and 1.13. ...)
        - consul <unfixed> (bug #1027161)
        NOTE: 
https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628
+       NOTE: 
https://github.com/hashicorp/consul/commit/ae822d752ad36007e353249691a0ef318cf55d08
 (1.11.9)
 CVE-2022-40715 (An issue was discovered in NOKIA 1350OMS R14.2. An Absolute 
Path Trave ...)
        NOT-FOR-US: NOKIA
 CVE-2022-40714 (An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS 
exists u ...)
@@ -84961,6 +84962,7 @@ CVE-2022-29154 (An issue was discovered in rsync before 
3.2.5 that allows malici
 CVE-2022-29153 (HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, 
and 1.11. ...)
        - consul <unfixed> (bug #1017982)
        NOTE: 
https://discuss.hashicorp.com/t/hcsec-2022-10-consul-s-http-health-check-may-allow-server-side-request-forgery/38393
+       NOTE: 
https://github.com/hashicorp/consul/commit/72e1ce6317d6a4b28c73cd15f3976eb2c362be19
 (1.9.17)
 CVE-2022-29152 (The Ericom PowerTerm WebConnect 6.0 login portal can unsafely 
write an ...)
        NOT-FOR-US: Ericom
 CVE-2022-29151 (Windows Cluster Shared Volume (CSV) Elevation of Privilege 
Vulnerabili ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa087277467cb3ed72e7de42802189c8bcafa364

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa087277467cb3ed72e7de42802189c8bcafa364
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to