[Git][security-tracker-team/security-tracker][master] 2 commits: Process 2 NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Aug 18 11:36:09 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
efcc70ea by Neil Williams at 2022-08-18T11:34:45+01:00
Process 2 NFUs

- - - - -
30e67ce4 by Neil Williams at 2022-08-18T11:35:19+01:00
CVE-2022-35434/jpegqs unfixed #1017608

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7454,7 +7454,9 @@ CVE-2022-35436
 CVE-2022-35435
 	RESERVED
 CVE-2022-35434 (jpeg-quantsmooth before commit 8879454 contained a floating point exce ...)
-	TODO: check
+	- jpegqs <unfixed> (bug #1017608)
+	NOTE: https://github.com/ilyakurdyukov/jpeg-quantsmooth/commit/8879454401722ea603c6e3abfafdeb30c0880c8e
+	NOTE: https://github.com/ilyakurdyukov/jpeg-quantsmooth/issues/25
 CVE-2022-35433 (ffjpeg commit caade60a69633d74100bd3c2528bddee0b6a1291 was discovered  ...)
 	NOT-FOR-US: ffjpeg
 CVE-2022-35432
@@ -8178,13 +8180,13 @@ CVE-2022-35156
 CVE-2022-35155
 	RESERVED
 CVE-2022-35154 (Shopro Mall System v1.3.8 was discovered to contain a SQL injection vu ...)
-	TODO: check
+	NOT-FOR-US: Shopro Mall System
 CVE-2022-35153 (FusionPBX 5.0.1 was discovered to contain a command injection vulnerab ...)
 	NOT-FOR-US: FusionPBX
 CVE-2022-35152
 	RESERVED
 CVE-2022-35151 (kkFileView v4.1.0 was discovered to contain multiple cross-site script ...)
-	TODO: check
+	NOT-FOR-US: kkFileview
 CVE-2022-35150
 	RESERVED
 CVE-2022-35149



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d9fa454e24fbccca41819170e22e938c1eac278b...30e67ce4aa9cf779fa6a4c995908457ee843b5c0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d9fa454e24fbccca41819170e22e938c1eac278b...30e67ce4aa9cf779fa6a4c995908457ee843b5c0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220818/d9109799/attachment.htm>

More information about the debian-security-tracker-commits mailing list