[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Feb 20 08:10:19 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0c09d9e1 by security tracker role at 2022-02-20T08:10:09+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2022-25369
+ RESERVED
CVE-2022-25368
RESERVED
CVE-2022-0690 (Cross-site Scripting (XSS) - Reflected in Packagist microweber/microwe ...)
@@ -10396,37 +10398,37 @@ CVE-2021-45958 (UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer ove
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36009
NOTE: https://github.com/ultrajson/ultrajson/issues/501
NOTE: https://github.com/ultrajson/ultrajson/issues/502
-CVE-2021-45957 (Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ...)
+CVE-2021-45957 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in answer ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35920
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-935.yaml
NOTE: Non issue, result of poorly automated fuzzing effort
-CVE-2021-45956 (Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ...)
+CVE-2021-45956 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in print_ ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35887
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-933.yaml
NOTE: Non issue, result of poorly automated fuzzing effort
-CVE-2021-45955 (Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ...)
+CVE-2021-45955 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in resize ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35898
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-932.yaml
NOTE: Non issue, result of poorly automated fuzzing effort
-CVE-2021-45954 (Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...)
+CVE-2021-45954 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extrac ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35861
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-931.yaml
NOTE: Non issue, result of poorly automated fuzzing effort
-CVE-2021-45953 (Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...)
+CVE-2021-45953 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in extrac ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35858
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-929.yaml
NOTE: Non issue, result of poorly automated fuzzing effort
-CVE-2021-45952 (Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ...)
+CVE-2021-45952 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_r ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35870
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-927.yaml
NOTE: Non issue, result of poorly automated fuzzing effort
-CVE-2021-45951 (Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ...)
+CVE-2021-45951 (** DISPUTED ** Dnsmasq 2.86 has a heap-based buffer overflow in check_ ...)
- dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-924.yaml
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c09d9e10606fa8362ba00297cbc3f3864ae92e4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0c09d9e10606fa8362ba00297cbc3f3864ae92e4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220220/ecfe34ee/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list