[Git][security-tracker-team/security-tracker][master] add ATS commit refs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Dec 21 10:14:27 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c9bcd666 by Moritz Muehlenhoff at 2022-12-21T11:13:55+01:00
add ATS commit refs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23575,8 +23575,11 @@ CVE-2022-40744
RESERVED
CVE-2022-40743 (Improper Input Validation vulnerability for the xdebug plugin in Apach ...)
- trafficserver 9.1.4+ds-1
+ [bullseye] - trafficserver <not-affected> (Vulnerable code not present)
+ [buster] - trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
- TODO: check, appears to affect only 9.1.x versions
+ NOTE: https://github.com/apache/trafficserver/commit/eb5efe19e68e51db58a6320b4a99e3fc83336a14 (master)
+ NOTE: https://github.com/apache/trafficserver/commit/20c857a785da93fa0e3263597207b5ef35b65b7c (v9.1.x)
CVE-2022-3233 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffwe ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3232 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffwe ...)
@@ -32671,6 +32674,8 @@ CVE-2022-2634 (An attacker may be able to execute malicious actions due to the l
CVE-2022-37392 (Improper Check for Unusual or Exceptional Conditions vulnerability in ...)
- trafficserver 9.1.4+ds-1
NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
+ NOTE: https://github.com/apache/trafficserver/commit/3b9cbf873a77bb7f9297f2b16496a290e0cf7de1 (master)
+ NOTE: https://github.com/apache/trafficserver/commit/0ba19c72b70a25e3dfbbc3f507427314ba2afd80 (v9.1.x)
CVE-2022-37391
RESERVED
CVE-2022-37390
@@ -45045,6 +45050,9 @@ CVE-2022-32750 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 throug
CVE-2022-32749 (Improper Check for Unusual or Exceptional Conditions vulnerability han ...)
- trafficserver 9.1.4+ds-1
NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
+ NOTE: https://github.com/apache/trafficserver/pull/9243
+ NOTE: https://github.com/apache/trafficserver/commit/71a80d1abb3fbcb2e30ff850c8bca0a371589b5a (master)
+ NOTE: https://github.com/apache/trafficserver/commit/590f87304b233791169af3d5899c5ba135bb61fa (9.1.x)
CVE-2022-32748
RESERVED
CVE-2022-32747
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9bcd666bcb67f0359c91fc8d8bd05e8499dded1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9bcd666bcb67f0359c91fc8d8bd05e8499dded1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221221/c059376c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list