[Git][security-tracker-team/security-tracker][master] Add CVE-2022-29{89,90}

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4927ad96 by Salvatore Bonaccorso at 2022-08-26T07:48:16+02:00
Add CVE-2022-29{89,90}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26,8 +26,16 @@ CVE-2022-2991 (A heap-based buffer overflow was found in the Linux kernel's Ligh
 	NOTE: CONFIG_NVM not enabled in Debian
 CVE-2022-2990
 	RESERVED
+	- golang-github-containers-buildah <unfixed>
+	NOTE: https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
+	NOTE: https://github.com/containers/buildah/pull/4200
+	NOTE: https://github.com/containers/buildah/commit/9934b17365083ce966b44c5ce3c7e052f516e255
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121453
 CVE-2022-2989
 	RESERVED
+	- libpod <unfixed>
+	NOTE: https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121445
 CVE-2022-2988
 	RESERVED
 CVE-2022-2987



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4927ad964f206777be9016d9a0ebfa5960585a6f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4927ad964f206777be9016d9a0ebfa5960585a6f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220826/d445da01/attachment.htm>