[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Aug 19 22:12:20 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e3673978 by Moritz Mühlenhoff at 2022-08-19T23:11:47+02:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1893,10 +1893,10 @@ CVE-2022-37783
CVE-2022-37782
RESERVED
CVE-2022-37781 (fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __i ...)
- - fdkaac <unfixed> (bug #1017754)
- [bullseye] - fdkaac <no-dsa> (Minor issue; contrib not supported)
+ - fdkaac <unfixed> (unimportant; bug #1017754)
NOTE: https://github.com/nu774/fdkaac/issues/54
NOTE: https://github.com/nu774/fdkaac/commit/ecddb7d63306e01d137d65bbbe7b78c1e779943c
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-37780
RESERVED
CVE-2022-37779
@@ -3698,9 +3698,10 @@ CVE-2022-37051
CVE-2022-37050
RESERVED
CVE-2022-37049 (The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a ...)
- - tcpreplay <unfixed>
+ - tcpreplay <unfixed> (unimportant)
NOTE: https://github.com/appneta/tcpreplay/issues/736
NOTE: https://github.com/appneta/tcpreplay/issues/718
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-37048 (The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ...)
- tcpreplay <unfixed>
NOTE: https://github.com/appneta/tcpreplay/issues/735
@@ -6017,10 +6018,10 @@ CVE-2022-36150 (tifig v0.2.2 was discovered to contain a heap-buffer overflow vi
CVE-2022-36149 (tifig v0.2.2 was discovered to contain a heap-use-after-free via temIn ...)
NOT-FOR-US: tifig
CVE-2022-36148 (fdkaac commit 53fe239 was discovered to contain a floating point excep ...)
- - fdkaac <unfixed> (bug #1017751)
- [bullseye] - fdkaac <no-dsa> (Minor issue; contrib not supported)
+ - fdkaac <unfixed> (unimportant; bug #1017751)
NOTE: https://github.com/nu774/fdkaac/issues/52
NOTE: https://github.com/nu774/fdkaac/commit/4ec1422bd951a137225ffa4052da120e2ab0a0f4 (v1.0.3)
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-36147
RESERVED
CVE-2022-36146 (SWFMill commit 53d7690 was discovered to contain a memory allocation i ...)
@@ -130606,7 +130607,7 @@ CVE-2020-27788 (An out-of-bounds read access vulnerability was discovered in UPX
NOTE: https://github.com/upx/upx/issues/332
NOTE: https://github.com/upx/upx/commit/1bb93d4fce9f1d764ba57bf5ac154af515b3fc83 (v3.96)
CVE-2020-27787 (A Segmentaation fault was found in UPX in invert_pt_dynamic() function ...)
- - upx-ucl 3.96-1 (unimportant)
+ - upx-ucl 3.96-1
NOTE: https://github.com/upx/upx/issues/333
NOTE: https://github.com/upx/upx/commit/e2f60adc95334f47e286838dac33160819c5d74d (v3.96)
CVE-2020-27786 (A flaw was found in the Linux kernel’s implementation of MIDI, w ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3673978a90232026b4d5c18a53c88c41bc072a5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3673978a90232026b4d5c18a53c88c41bc072a5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220819/09e649e1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list