[Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag information for CVE-2022-23527

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4cc2a47c by Salvatore Bonaccorso at 2022-12-14T17:14:14+01:00
Add upstream tag information for CVE-2022-23527

- - - - -
b79d7557 by Salvatore Bonaccorso at 2022-12-14T17:16:25+01:00
Track fixed version for xwayland issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2729,7 +2729,7 @@ CVE-2022-4284
 CVE-2022-4283 [xkb: reset the radio_groups pointer to NULL after freeing it]
 	RESERVED
 	- xorg-server 2:21.1.5-1 (bug #1026071)
-	- xwayland <unfixed>
+	- xwayland 2:22.1.6-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2022-December/003302.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/ccdd431cd8f1cabae9d744f0514b6533c438908c
 CVE-2022-4282 (A vulnerability was found in SpringBootCMS and classified as critical. ...)
@@ -3219,31 +3219,31 @@ CVE-2021-4242 (A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1
 CVE-2022-46344 [Xi: avoid integer truncation in length check of ProcXIChangeProperty]
 	RESERVED
 	- xorg-server 2:21.1.5-1 (bug #1026071)
-	- xwayland <unfixed>
+	- xwayland 2:22.1.6-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2022-December/003302.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/8f454b793e1f13c99872c15f0eed1d7f3b823fe8
 CVE-2022-46343 [Xext: free the screen saver resource when replacing it]
 	RESERVED
 	- xorg-server 2:21.1.5-1 (bug #1026071)
-	- xwayland <unfixed>
+	- xwayland 2:22.1.6-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2022-December/003302.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/842ca3ccef100ce010d1d8f5f6d6cc1915055900
 CVE-2022-46342 [Xext: free the XvRTVideoNotify when turning off from the same client]
 	RESERVED
 	- xorg-server 2:21.1.5-1 (bug #1026071)
-	- xwayland <unfixed>
+	- xwayland 2:22.1.6-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2022-December/003302.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/b79f32b57cc0c1186b2899bce7cf89f7b325161b
 CVE-2022-46341 [Xi: disallow passive grabs with a detail > 255]
 	RESERVED
 	- xorg-server 2:21.1.5-1 (bug #1026071)
-	- xwayland <unfixed>
+	- xwayland 2:22.1.6-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2022-December/003302.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/51eb63b0ee1509c6c6b8922b0e4aa037faa6f78b
 CVE-2022-46340 [Xtest: disallow GenericEvents in XTestSwapFakeInput]
 	RESERVED
 	- xorg-server 2:21.1.5-1 (bug #1026071)
-	- xwayland <unfixed>
+	- xwayland 2:22.1.6-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2022-December/003302.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/b320ca0ffe4c0c872eeb3a93d9bde21f765c7c63
 CVE-2022-46339
@@ -70521,7 +70521,7 @@ CVE-2022-23527
 	- libapache2-mod-auth-openidc 2.4.12.2-1
 	[bullseye] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
 	NOTE: https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53
-	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/87119f44b9a88312dbc1f752d720bcd2371b94a8
+	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/87119f44b9a88312dbc1f752d720bcd2371b94a8 (v2.4.12.2)
 CVE-2022-23526
 	RESERVED
 CVE-2022-23525



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a92dcd2d86f5edd15048e9e53c65742efae7c520...b79d75579e766c9e075985fa63532ba3a06f9604

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a92dcd2d86f5edd15048e9e53c65742efae7c520...b79d75579e766c9e075985fa63532ba3a06f9604
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221214/08a04a93/attachment.htm>