[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Aug 21 21:10:27 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b1764c59 by security tracker role at 2022-08-21T20:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -291,8 +291,8 @@ CVE-2022-2887
 	RESERVED
 CVE-2022-2886 (A vulnerability, which was classified as critical, was found in Larave ...)
 	TODO: check
-CVE-2022-2885
-	RESERVED
+CVE-2022-2885 (Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecomp ...)
+	TODO: check
 CVE-2022-38396
 	RESERVED
 CVE-2022-38395
@@ -8999,8 +8999,7 @@ CVE-2022-2307 (A lack of cascading deletes in GitLab CE/EE affecting all version
 	- gitlab <unfixed>
 CVE-2022-34917
 	RESERVED
-CVE-2022-34916
-	RESERVED
+CVE-2022-34916 (Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote  ...)
 	NOT-FOR-US: Apache Flume
 CVE-2022-2306 (Old session tokens can be used to authenticate to the application and  ...)
 	NOT-FOR-US: Nakama
@@ -40920,14 +40919,14 @@ CVE-2021-46559 (The firmware on Moxa TN-5900 devices through 3.1 has a weak algo
 CVE-2019-25056 (In Bromite through 78.0.3904.130, there are adblock rules in the relea ...)
 	NOT-FOR-US: Bromite
 CVE-2022-23947 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
-	{DLA-3078-1 DLA-2998-1}
+	{DSA-5214-1 DLA-3078-1 DLA-2998-1}
 	- kicad 6.0.2+dfsg-1
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1460
 	NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10700
 	NOTE: https://gitlab.com/kicad/code/kicad/-/commit/54b20cb0492ee20eb9efaff478eaa51fe17b4ca3 (master)
 	NOTE: https://gitlab.com/kicad/code/kicad/-/commit/a7fbdfe9182fe075d1f36cf1f23432b28caf03b3 (6.0.2)
 CVE-2022-23946 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
-	{DLA-3078-1 DLA-2998-1}
+	{DSA-5214-1 DLA-3078-1 DLA-2998-1}
 	- kicad 6.0.2+dfsg-1
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1460
 	NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10700
@@ -41785,14 +41784,14 @@ CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17
 CVE-2022-23805 (A security out-of-bounds read information disclosure vulnerability in  ...)
 	NOT-FOR-US: Trend Micro
 CVE-2022-23804 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
-	{DLA-3078-1 DLA-2998-1}
+	{DSA-5214-1 DLA-3078-1 DLA-2998-1}
 	- kicad 6.0.2+dfsg-1
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1453
 	NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10719
 	NOTE: https://gitlab.com/kicad/code/kicad/-/commit/927afe313d1f104391814ee7d5d9cca0a520aa50 (6.0.2)
 	NOTE: https://gitlab.com/kicad/code/kicad/-/commit/7ed569058c516974c47b4a506daa3daea4248e05 (master)
 CVE-2022-23803 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
-	{DLA-3078-1 DLA-2998-1}
+	{DSA-5214-1 DLA-3078-1 DLA-2998-1}
 	- kicad 6.0.2+dfsg-1
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1453
 	NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10719



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1764c592e4743f534a727887b599ce434bbc4e3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1764c592e4743f534a727887b599ce434bbc4e3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220821/619cced2/attachment.htm>


More information about the debian-security-tracker-commits mailing list