[Git][security-tracker-team/security-tracker][master] 2 commits: Update tag information for weechat issue

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Apr 2 08:50:14 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eee086e5 by Salvatore Bonaccorso at 2022-04-02T09:48:16+02:00
Update tag information for weechat issue

- - - - -
b00ec0ab by Salvatore Bonaccorso at 2022-04-02T09:49:48+02:00
Update information on weechat issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1915,11 +1915,13 @@ CVE-2022-1056 (Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows atta
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-XXXX [Possible man-in-the-middle attack in TLS connection to servers]
 	- weechat 3.4.1-1
+	[bullseye] - weechat <not-affected> (Vulnerable code introduced later)
+	[buster] - weechat <not-affected> (Vulnerable code introduced later)
 	[stretch] - weechat <not-affected> (Vulnerable code introduced later)
 	NOTE: https://weechat.org/doc/security/WSA-2022-1/
 	NOTE: https://github.com/weechat/weechat/issues/1763
-	NOTE: Fixed by: https://github.com/weechat/weechat/commit/710247891cdfd4e66ee6d1715e93626def6871f1
-	NOTE: weechat.network.gnutls_ca_system/gnutls_ca_user introduced by: https://github.com/weechat/weechat/commit/c588ee21bc8fd33678893d5c67616033281032e3 (v3.2)
+	NOTE: Fixed by: https://github.com/weechat/weechat/commit/710247891cdfd4e66ee6d1715e93626def6871f1 (v3.4.1)
+	NOTE: weechat.network.gnutls_ca_system/gnutls_ca_user introduced by: https://github.com/weechat/weechat/commit/c588ee21bc8fd33678893d5c67616033281032e3 (v3.2-rc1)
 CVE-2022-27653
 	RESERVED
 CVE-2022-27652



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bef9dcf9204a47e3424d5e7287b6f26294d5b846...b00ec0ab4db088af609d498d107c1ea121f18b7d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bef9dcf9204a47e3424d5e7287b6f26294d5b846...b00ec0ab4db088af609d498d107c1ea121f18b7d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220402/e97da936/attachment.htm>

More information about the debian-security-tracker-commits mailing list