[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Apr 19 16:04:01 BST 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e0aaaba by Moritz Muehlenhoff at 2022-04-19T15:52:01+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2958,14 +2958,19 @@ CVE-2022-28327 [crypto/elliptic: tolerate all oversized scalars in generic P-256
 	NOTE: https://go.dev/issue/52075
 CVE-2022-28326
 	RESERVED
+	NOT-FOR-US: GrowthExperiments MediaWiki extension
 CVE-2022-28325
 	RESERVED
+	NOT-FOR-US: MobileFrontend MediaWiki extension
 CVE-2022-28324
 	RESERVED
+	NOT-FOR-US: Echo MediaWiki extension
 CVE-2022-28323
 	RESERVED
+	NOT-FOR-US: SecurePoll MediaWiki extension
 CVE-2022-28322
 	RESERVED
+	NOT-FOR-US: CentralAuth MediaWiki extension
 CVE-2022-28321
 	RESERVED
 CVE-2022-28320
@@ -3407,16 +3412,21 @@ CVE-2022-28213 (When a user access SOAP Web services in SAP BusinessObjects Busi
 	NOT-FOR-US: SAP
 CVE-2022-28212
 	RESERVED
+	NOT-FOR-US: FlaggedRevs MediaWiki extension
 CVE-2022-28211
 	RESERVED
+	NOT-FOR-US: TimedMediaHandler MediaWiki extension
 CVE-2022-28210
 	RESERVED
+	NOT-FOR-US: JsonConfig MediaWiki extension
 CVE-2022-28209 (An issue was discovered in Mediawiki through 1.37.1. The check for the ...)
 	NOT-FOR-US: MediaWiki AntiSpoof extension
 CVE-2022-28208
 	RESERVED
+	NOT-FOR-US: WikiBase MediaWiki extension
 CVE-2022-28207
 	RESERVED
+	NOT-FOR-US: GrowthExperiments MediaWiki extension
 CVE-2022-28206 (An issue was discovered in MediaWiki through 1.37.1. ImportPlanValidat ...)
 	NOT-FOR-US: MediaWiki FileImporter extension
 CVE-2022-28205 (An issue was discovered in MediaWiki through 1.37.1. The CentralAuth e ...)
@@ -12730,7 +12740,7 @@ CVE-2022-24814 (Directus is a real-time API and App dashboard for managing SQL d
 CVE-2022-24813 (CreateWiki is Miraheze's MediaWiki extension for requesting & crea ...)
 	NOT-FOR-US: Miraheze CreateWiki
 CVE-2022-24812 (Grafana is an open-source platform for monitoring and observability. W ...)
-	- grafana <removed>
+	- grafana <not-affected> (Only affects Grafana Enterprise)
 CVE-2022-24811 (Combodi iTop is a web based IT Service Management tool. Prior to versi ...)
 	NOT-FOR-US: Combodi
 CVE-2022-24810



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e0aaaba82971dad646efb8261c306edf073dd9f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e0aaaba82971dad646efb8261c306edf073dd9f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220419/60452d17/attachment.htm>


More information about the debian-security-tracker-commits mailing list