[Git][security-tracker-team/security-tracker][master] Update entry for CVE-2022-23639
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Feb 26 19:27:44 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
616ff179 by Salvatore Bonaccorso at 2022-02-26T20:24:21+01:00
Update entry for CVE-2022-23639
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7365,8 +7365,10 @@ CVE-2022-23640
RESERVED
CVE-2022-23639 (crossbeam-utils provides atomics, synchronization primitives, scoped t ...)
- rust-crossbeam <unfixed>
+ - rust-crossbeam-utils-0.7 <unfixed>
NOTE: https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-qc84-gqf4-9926
NOTE: https://github.com/crossbeam-rs/crossbeam/pull/781
+ TODO: check, crossbeam-utils are vendored in various other sources, in particular rustc to be checked
CVE-2022-23638 (svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scri ...)
NOT-FOR-US: darylldoyle svg-sanitizer
CVE-2022-23637 (K-Box is a web-based application to manage documents, images, videos a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/616ff1794118de004b1051caf8575f389bee6eb8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/616ff1794118de004b1051caf8575f389bee6eb8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220226/6f62be19/attachment.htm>
More information about the debian-security-tracker-commits
mailing list