[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Thu Feb 10 09:58:09 GMT 2022


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f442621 by Moritz Muehlenhoff at 2022-02-10T10:57:36+01:00
buster/bullseye triage
new jss issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -847,6 +847,7 @@ CVE-2022-0486
 CVE-2022-0485 [nbdcopy: missing error handling may create corrupted destination image]
 	RESERVED
 	- libnbd <unfixed>
+	[bullseye] - libnbd <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2050324
 	NOTE: Fixed by: https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb
 	NOTE: https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html
@@ -2507,6 +2508,8 @@ CVE-2021-4214
 	NOTE: Crash in CLI package, not shipped in binary packages
 CVE-2021-4213
 	RESERVED
+	- jss <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2042900
 CVE-2022-23941
 	RESERVED
 CVE-2022-23940
@@ -3032,8 +3035,12 @@ CVE-2022-23854
 CVE-2022-23853
 	RESERVED
 	- kate <unfixed>
+	[bullseye] - kate <no-dsa> (Minor issue)
+	[buster] - kate <no-dsa> (Minor issue)
 	[stretch] - kate <no-dsa> (Minor issue)
 	- ktexteditor <unfixed>
+	[bullseye] - ktexteditor <no-dsa> (Minor issue)
+	[buster] - ktexteditor <no-dsa> (Minor issue)
 	[stretch] - ktexteditor <no-dsa> (Minor issue)
 	NOTE: https://kde.org/info/security/advisory-20220131-1.txt
 	NOTE: KTextEditor: Fixed by: https://commits.kde.org/ktexteditor/804e49444c093fe58ec0df2ab436565e50dc147e
@@ -11239,7 +11246,7 @@ CVE-2022-21988 (Microsoft Office Visio Remote Code Execution Vulnerability. ...)
 CVE-2022-21987 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-21986 (.NET Denial of Service Vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft .NET
 CVE-2022-21985 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
 	NOT-FOR-US: Microsoft
 CVE-2022-21984 (Windows DNS Server Remote Code Execution Vulnerability. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f442621dcaf789085f13e2d03d05494df3bc7f7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f442621dcaf789085f13e2d03d05494df3bc7f7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220210/1c418313/attachment-0001.htm>
