Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8b5ce926 by Markus Koschany at 2023-02-19T17:30:56+01:00 CVE-2022-1471,snakeyaml: unimportant Snakeyaml is not designed to process untrusted YAML input. This has been clarified for users in version 1.33-2 with a README.Debian.security file. See also Debian bug #1030046 - - - - - 823329f4 by Markus Koschany at 2023-02-19T17:33:20+01:00 CVE-2022-41854,snakeyaml: fixed in 1.33-1 According to the Google fuzzer this issue was fixed between 20220911 and 20220912. Version 1.32 was released back then. The first version in Debian was 1.33-1 and I assume this is fixed now. According to the CVE description the parser would crash by stack overflow. A limit to the nesting depth of YAML files has been already introduced with other CVE fixes, so that shouldn't be a problem anymore. - - - - - 8cada0ea by Markus Koschany at 2023-02-19T17:38:31+01:00 CVE-2022-41854,snakeyaml: Buster is not affected because this issue was addressed in version 1.23-1+deb10u1. Bullseye will be fixed with a point update in the near future. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -33392,7 +33392,8 @@ CVE-2022-41856 CVE-2022-41855 REJECTED CVE-2022-41854 (Those using Snakeyaml to parse untrusted YAML files may be vulnerable ...) - - snakeyaml <unfixed> + - snakeyaml 1.33-1 + [buster] - snakeyaml 1.23-1+deb10u1 NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355 TODO: check details CVE-2022-41853 (Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb ...) @@ -66712,7 +66713,7 @@ CVE-2022-1473 (The OPENSSL_LH_flush() function, which empties a hash table, cont CVE-2022-1472 (The Better Find and Replace WordPress plugin before 1.3.6 does not pro ...) NOT-FOR-US: WordPress plugin CVE-2022-1471 (SnakeYaml's Constructor() class does not restrict types which can be i ...) - - snakeyaml <unfixed> + - snakeyaml <unfixed> (unimportant) NOTE: https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2 CVE-2022-1470 (The Ultimate WooCommerce CSV Importer WordPress plugin through 2.0 doe ...) NOT-FOR-US: WordPress plugin View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7810985b3197b87328b0961c533dab1911a47e9d...8cada0ea4fb8132e0d35bae7b26fd955f3a1fc5f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7810985b3197b87328b0961c533dab1911a47e9d...8cada0ea4fb8132e0d35bae7b26fd955f3a1fc5f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits