[Git][security-tracker-team/security-tracker][master] automatic update

Sun Dec 4 20:10:34 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e087952b by security tracker role at 2022-12-04T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2022-46288
+	RESERVED
+CVE-2022-46287
+	RESERVED
+CVE-2022-41993
+	RESERVED
 CVE-2022-46416
 	RESERVED
 CVE-2022-46415
@@ -15683,6 +15689,7 @@ CVE-2022-41753
 CVE-2022-41752
 	RESERVED
 CVE-2022-41751 (Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by pl ...)
+	{DSA-5294-1 DLA-3219-1}
 	- jhead 1:3.06.0.1-3 (bug #1022028)
 	NOTE: https://github.com/Matthias-Wandel/jhead/pull/57
 	NOTE: https://github.com/Matthias-Wandel/jhead/commit/6985da52c9ad4f5f6c247269cb5508fae34a971c
@@ -32043,10 +32050,10 @@ CVE-2022-35510
 	RESERVED
 CVE-2022-35509 (An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulne ...)
 	NOT-FOR-US: Eyoucms
-CVE-2022-35508
-	RESERVED
-CVE-2022-35507
-	RESERVED
+CVE-2022-35508 (Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are v ...)
+	TODO: check
+CVE-2022-35507 (A response-header CRLF injection vulnerability in the Proxmox Virtual  ...)
+	TODO: check
 CVE-2022-35506 (TripleCross v0.1.0 was discovered to contain a stack overflow which oc ...)
 	NOT-FOR-US: TripleCross
 CVE-2022-35505 (A segmentation fault in TripleCross v0.1.0 occurs when sending a contr ...)
@@ -108298,6 +108305,7 @@ CVE-2021-34057
 CVE-2021-34056
 	RESERVED
 CVE-2021-34055 (jhead 3.06 is vulnerable to Buffer Overflow via exif.c in function Put ...)
+	{DSA-5294-1 DLA-3219-1}
 	- jhead 1:3.06.0.1-5 (bug #1024272)
 	NOTE: https://github.com/Matthias-Wandel/jhead/issues/36
 	NOTE: Fixed by: https://github.com/Matthias-Wandel/jhead/commit/f0a884210cc46830b176f71fd61569adc8f230a7



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e087952b61a33a9a0e68700898d9081fd666d347

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e087952b61a33a9a0e68700898d9081fd666d347
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221204/a2cd7b71/attachment.htm>
