[Git][security-tracker-team/security-tracker][master] Revert "Track as well xwayland for CVE-2022-23{19,20}"

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 1 13:35:23 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b6b2a24 by Salvatore Bonaccorso at 2022-08-01T14:33:45+02:00
Revert "Track as well xwayland for CVE-2022-23{19,20}"

Needs further investigation if it's actually a vulnerablity for wayland.

This reverts commit fd093cf74dde2df99d46ebe46e6ba945e331a82c.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4970,7 +4970,6 @@ CVE-2022-35216
 CVE-2022-2320 [ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access]
 	RESERVED
 	- xorg-server 2:21.1.4-1 (bug #1014903)
-	- xwayland 2:22.1.3-1
 	NOTE: Introduced by: https://github.com/freedesktop/xorg-xserver/commit/c06e27b2f6fd9f7b9f827623a48876a225264132 (xorg-server-1.5.99.1)
 	NOTE: Fixed by: https://github.com/freedesktop/xorg-xserver/commit/dd8caf39e9e15d8f302e54045dd08d8ebf1025dc
 	NOTE: Required for fixes: https://github.com/freedesktop/xorg-xserver/commit/f1070c01d616c5f21f939d5ebc533738779451ac
@@ -4978,7 +4977,6 @@ CVE-2022-2320 [ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Ac
 CVE-2022-2319 [ZDI-CAN-16062: X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access]
 	RESERVED
 	- xorg-server 2:21.1.4-1 (bug #1014903)
-	- xwayland 2:22.1.3-1
 	NOTE: Fixed by: https://github.com/freedesktop/xorg-xserver/commit/6907b6ea2b4ce949cb07271f5b678d5966d9df42
 	NOTE: Required for fixes: https://github.com/freedesktop/xorg-xserver/commit/f1070c01d616c5f21f939d5ebc533738779451ac
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/12/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b6b2a24ca3005359094d1142a7f5602b5136830

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b6b2a24ca3005359094d1142a7f5602b5136830
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220801/727d8453/attachment.htm>

More information about the debian-security-tracker-commits mailing list