[Git][security-tracker-team/security-tracker][master] CVE-2022-2394{6,7}/kicad 6.0.2+dfsg-1

Neil Williams (@codehelp) codehelp at debian.org
Wed Feb 23 10:55:37 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
104d4f8c by Neil Williams at 2022-02-23T10:55:13+00:00
CVE-2022-2394{6,7}/kicad 6.0.2+dfsg-1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5327,9 +5327,15 @@ CVE-2021-46559 (The firmware on Moxa TN-5900 devices through 3.1 has a weak algo
 CVE-2019-25056 (In Bromite through 78.0.3904.130, there are adblock rules in the relea ...)
 	NOT-FOR-US: Bromite
 CVE-2022-23947 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
-	NOT-FOR-US: Gerber
+	- kicad 6.0.2+dfsg-1
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1460
+	NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10700
+	NOTE: https://gitlab.com/kicad/code/kicad/-/commit/54b20cb0492ee20eb9efaff478eaa51fe17b4ca3
 CVE-2022-23946 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
-	NOT-FOR-US: Gerber
+	- kicad 6.0.2+dfsg-1
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1460
+	NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10700
+	NOTE: https://gitlab.com/kicad/code/kicad/-/commit/54b20cb0492ee20eb9efaff478eaa51fe17b4ca3
 CVE-2022-23945 (Missing authentication on ShenYu Admin when register by HTTP. This iss ...)
 	NOT-FOR-US: Apache ShenYu Admin
 CVE-2022-23944 (User can access /plugin api without authentication. This issue affecte ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/104d4f8caa066450e1a75c1adbf2c816a2601b93

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/104d4f8caa066450e1a75c1adbf2c816a2601b93
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220223/2a0269a2/attachment.htm>

More information about the debian-security-tracker-commits mailing list