[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-2391{4,5} as unimportant
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 9 11:49:27 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
767e7cef by Salvatore Bonaccorso at 2022-08-09T11:02:58+02:00
Mark CVE-2022-2391{4,5} as unimportant
- - - - -
cfd780de by Salvatore Bonaccorso at 2022-08-09T11:03:33+02:00
Update CVE-2022-2391{4,5}/salmon: Vulnerable code newer in a released Debian version but fixed before inclusion
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -139017,18 +139017,16 @@ CVE-2020-23917
CVE-2020-23916
RESERVED
CVE-2020-23915 (An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...)
- - retroarch <not-affected> (peglib.h is not compiled in Debian builds)
- - salmon 1.4.0+ds1-1
- [buster] - salmon <not-affected> (Vulnerable code not present)
- [stretch] - salmon <not-affected> (Vulnerable code not present)
+ - retroarch <unfixed> (unimportant)
+ NOTE: peglib.h is not compiled in Debian builds
+ - salmon <not-affected> (Vulnerable code never in a released Debian version)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/yhirose/cpp-peglib/commit/b3b29ce8f3acf3a32733d930105a17d7b0ba347e
NOTE: https://github.com/yhirose/cpp-peglib/issues/122
CVE-2020-23914 (An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ...)
- - retroarch <not-affected> (peglib.h is not compiled in Debian builds)
- - salmon 1.4.0+ds1-1
- [buster] - salmon <not-affected> (Vulnerable code not present)
- [stretch] - salmon <not-affected> (Vulnerable code not present)
+ - retroarch <unfixed> (unimportant)
+ NOTE: peglib.h is not compiled in Debian builds
+ - salmon <not-affected> (Vulnerable code never in a released Debian version)
NOTE: Crash in CLI tool, no security impact
NOTE: https://github.com/yhirose/cpp-peglib/commit/0061f393de54cf0326621c079dc2988336d1ebb3
NOTE: https://github.com/yhirose/cpp-peglib/issues/121
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/69608770d7ef55a4bcc23426735e2fb6d3cd271d...cfd780de5de189a6de81ac6f34c615c3217b19e1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/69608770d7ef55a4bcc23426735e2fb6d3cd271d...cfd780de5de189a6de81ac6f34c615c3217b19e1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220809/6beb42a8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list