[Git][security-tracker-team/security-tracker][master] Add CVE-2022-145{1,2}/radare2

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1081aabf by Salvatore Bonaccorso at 2022-04-25T10:19:27+02:00
Add CVE-2022-145{1,2}/radare2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -383,9 +383,13 @@ CVE-2022-1454
 CVE-2022-1453
 	RESERVED
 CVE-2022-1452 (Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function i ...)
-	TODO: check
+	- radare2 <unfixed>
+	NOTE: https://huntr.dev/bounties/c8f4c2de-7d96-4ad4-857a-c099effca2d6
+	NOTE: https://github.com/radareorg/radare2/commit/ecc44b6a2f18ee70ac133365de0e509d26d5e168
 CVE-2022-1451 (Out-of-bounds Read in r_bin_java_constant_value_attr_new function in G ...)
-	TODO: check
+	- radare2 <unfixed>
+	NOTE: https://huntr.dev/bounties/229a2e0d-9e5c-402f-9a24-57fa2eb1aaa7
+	NOTE: https://github.com/radareorg/radare2/commit/0927ed3ae99444e7b47b84e43118deb10fe37529
 CVE-2019-25059 (Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this  ...)
 	TODO: check
 CVE-2022-29599



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1081aabf8f2d39e41cb44bf61dbc9a58c69eeaa8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1081aabf8f2d39e41cb44bf61dbc9a58c69eeaa8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220425/c91a9e68/attachment.htm>