[Git][security-tracker-team/security-tracker][master] automatic update

Sun Aug 14 09:10:20 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7991580b by security tracker role at 2022-08-14T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2022-2813
+	RESERVED
+CVE-2022-2812
+	RESERVED
+CVE-2022-2811
+	RESERVED
 CVE-2022-2810
 	RESERVED
 CVE-2022-38216
@@ -5503,10 +5509,10 @@ CVE-2022-36009
 	RESERVED
 CVE-2022-36008
 	RESERVED
-CVE-2022-36007
-	RESERVED
-CVE-2022-36006
-	RESERVED
+CVE-2022-36007 (Venice is a Clojure inspired sandboxed Lisp dialect with excellent Jav ...)
+	TODO: check
+CVE-2022-36006 (Arvados is an open source platform for managing, processing, and shari ...)
+	TODO: check
 CVE-2022-36005
 	RESERVED
 CVE-2022-36004
@@ -5595,22 +5601,22 @@ CVE-2022-35963
 	RESERVED
 CVE-2022-35962
 	RESERVED
-CVE-2022-35961
-	RESERVED
+CVE-2022-35961 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
+	TODO: check
 CVE-2022-35960
 	RESERVED
 CVE-2022-35959
 	RESERVED
-CVE-2022-35958
-	RESERVED
+CVE-2022-35958 (Discourse is a 100% open source discussion platform. A malicious user  ...)
+	TODO: check
 CVE-2022-35957
 	RESERVED
 CVE-2022-35956 (This Rails gem adds two methods to the ActiveRecord::Base class that a ...)
 	TODO: check
 CVE-2022-35955
 	RESERVED
-CVE-2022-35954
-	RESERVED
+CVE-2022-35954 (The GitHub Actions ToolKit provides a set of packages to make creating ...)
+	TODO: check
 CVE-2022-35953 (BookWyrm is a social network for tracking your reading, talking about  ...)
 	NOT-FOR-US: BookWyrm
 CVE-2022-35952
@@ -5623,8 +5629,7 @@ CVE-2022-35949 (undici is an HTTP/1.1 client, written from scratch for Node.js.`
 	- node-undici 5.8.2+dfsg1+~cs18.9.18.1-1
 	NOTE: https://github.com/nodejs/undici/security/advisories/GHSA-8qr4-xgw6-wmr3
 	NOTE: https://github.com/nodejs/undici/commit/124f7ebf705366b2e1844dff721928d270f87895 (v5.8.2)
-CVE-2022-35948
-	RESERVED
+CVE-2022-35948 (undici is an HTTP/1.1 client, written from scratch for Node.js.`=<  ...)
 	- node-undici 5.8.2+dfsg1+~cs18.9.18.1-1
 	NOTE: https://github.com/nodejs/undici/security/advisories/GHSA-f772-66g8-q5h3
 	NOTE: https://github.com/nodejs/undici/commit/66165d604fd0aee70a93ed5c44ad4cc2df395f80 (v5.8.2)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7991580b30d1623a778dfacfd5bc8839c7da37ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7991580b30d1623a778dfacfd5bc8839c7da37ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220814/6044b225/attachment.htm>
