[Git][security-tracker-team/security-tracker][master] texlive/otfcc updates

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Aug 24 16:13:04 BST 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
178f908b by Moritz Muehlenhoff at 2022-08-24T17:12:50+02:00
texlive/otfcc updates

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8353,85 +8353,194 @@ CVE-2022-35488 (In Zammad 5.2.0, an attacker could manipulate the rate limiting
 CVE-2022-35487 (Zammad 5.2.0 suffers from Incorrect Access Control. Zammad did not cor ...)
 	- zammad <itp> (bug #841355)
 CVE-2022-35486 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35485 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35484 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35483 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35482 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35481 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35480
 	RESERVED
 CVE-2022-35479 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35478 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35477 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35476 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35475 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed>
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
 CVE-2022-35474 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35473 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35472 (OTFCC v0.10.4 was discovered to contain a global overflow via /release ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35471 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed>
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
 CVE-2022-35470 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35469 (OTFCC v0.10.4 was discovered to contain a segmentation violation via / ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35468 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed>
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
 CVE-2022-35467 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed>
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
 CVE-2022-35466 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35465 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35464 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35463 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35462 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35461 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35460 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35459 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed>
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
 CVE-2022-35458 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35457
 	RESERVED
 CVE-2022-35456 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35455 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35454 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35453 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35452 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35451 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35450 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35449 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35448 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35447 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /re ...)
-	TODO: check, OTFCC is embedded in src:texlive-bin, but check actual impact
+	- texlive-bin <unfixed> (unimportant)
+	[bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+	[buster] - texlive-bin <not-affected> (Vulnerable code not present)
+	NOTE: Crash in CLI tool, no security impact)
 CVE-2022-35446
 	RESERVED
 CVE-2022-35445
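
Review bot: every added NOTE line in this hunk ends with an unmatched closing parenthesis ("NOTE: Crash in CLI tool, no security impact)"); drop the trailing ")" so the note text is well-formed. Separately, CVE-2022-35475, CVE-2022-35471, CVE-2022-35468, CVE-2022-35467 and CVE-2022-35459 are left as plain "- texlive-bin <unfixed>" with no severity and no NOTE, while other heap-buffer overflow entries in the same hunk (for example CVE-2022-35474) are tagged (unimportant) with the crash-only note. A short NOTE on those five entries saying why they are triaged differently would make the distinction reviewable from the list alone.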



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/178f908b0f299da13064d5a6a3a5e6563f86783c
