[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Dec 2 10:41:16 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
46508902 by Moritz Muehlenhoff at 2022-12-02T11:41:02+01:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19266,6 +19266,7 @@ CVE-2022-3168
[experimental] - android-platform-tools 33.0.3-1~exp1
- android-platform-tools <unfixed>
- android-platform-system-core <removed>
+ [bullseye] - android-platform-system-core <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/10/25/5
CVE-2019-25076 (The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.1 ...)
- openvswitch <unfixed> (bug #1021740)
@@ -23110,6 +23111,7 @@ CVE-2022-2991 (A heap-based buffer overflow was found in the Linux kernel's Ligh
NOTE: CONFIG_NVM not enabled in Debian
CVE-2022-2990 (An incorrect handling of the supplementary groups in the Buildah conta ...)
- golang-github-containers-buildah 1.28.0+ds1-2
+ [bullseye] - golang-github-containers-buildah <no-dsa> (Minor issue)
NOTE: https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
NOTE: https://github.com/containers/buildah/pull/4200
NOTE: https://github.com/containers/buildah/commit/9934b17365083ce966b44c5ce3c7e052f516e255 (v1.28.0)
@@ -54601,6 +54603,7 @@ CVE-2022-27652 (A flaw was found in cri-o, where containers were incorrectly sta
CVE-2022-27651 (A flaw was found in buildah where containers were incorrectly started ...)
[experimental] - golang-github-containers-buildah 1.27.0+ds1-2
- golang-github-containers-buildah 1.28.0+ds1-2 (bug #1009882)
+ [bullseye] - golang-github-containers-buildah <no-dsa> (Minor issue)
NOTE: https://github.com/containers/buildah/commit/e7e55c988c05dd74005184ceb64f097a0cfe645b (v1.25.1)
NOTE: https://github.com/containers/buildah/security/advisories/GHSA-c3g4-w6cv-6v7h
CVE-2022-27650 (A flaw was found in crun where containers were incorrectly started wit ...)
@@ -86744,6 +86747,7 @@ CVE-2022-20128
[experimental] - android-platform-tools 33.0.3-1~exp1
- android-platform-tools <unfixed>
- android-platform-system-core <removed>
+ [bullseye] - android-platform-system-core <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/10/25/5
CVE-2022-20127 (In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds w ...)
NOT-FOR-US: Android
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4650890261b3ab4aebfd56d3ad49b2d564ec226c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4650890261b3ab4aebfd56d3ad49b2d564ec226c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221202/3733b7c1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list