[Git][security-tracker-team/security-tracker][master] Add new set of inetutils issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 15 09:07:07 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9326e1e9 by Salvatore Bonaccorso at 2022-01-15T10:06:09+01:00
Add new set of inetutils issues
Most of the mwill probably be unimportant with negligible security
impact, but better to do the first initial tracking now adding the
source package and check the impact individually later on on further
triage.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4165,23 +4165,31 @@ CVE-2021-45784
CVE-2021-45783
RESERVED
CVE-2021-45782 (An untrusted pointer dereference in getcmd() at inetutils/src/tftp.c o ...)
- TODO: check
+ - inetutils <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00018.html
CVE-2021-45781 (GNU Inetutils 2.2.16-cf091 was discovered to contain a heap-based buff ...)
- TODO: check
+ - inetutils <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00015.html
CVE-2021-45780 (GNU Inetutils commit cf091 was discovered to contain a memory leak via ...)
- TODO: check
+ - inetutils <unfixed> (unimportant)
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00014.html
+ NOTE: Negligible security impact
CVE-2021-45779 (A NULL pointer dereference in unsetcmd() at inetutils/telnet/commands. ...)
- TODO: check
+ - inetutils <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00007.html
CVE-2021-45778 (A NULL pointer dereference in setnmap() at cmds.c of GNU Inetutils v2. ...)
- TODO: check
+ - inetutils <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00004.html
CVE-2021-45777
RESERVED
CVE-2021-45776
RESERVED
CVE-2021-45775 (GNU Inetutils 2.2.16-cf091 was discovered to contain an infinite loop ...)
- TODO: check
+ - inetutils <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00005.html
CVE-2021-45774 (A NULL pointer dereference in help() at inetutils/telnet/commands.c of ...)
- TODO: check
+ - inetutils <unfixed>
+ NOTE: https://lists.gnu.org/archive/html/bug-inetutils/2021-12/msg00006.html
CVE-2021-45773 (A NULL pointer dereference in CS104_IPAddress_setFromString at src/iec ...)
NOT-FOR-US: lib60870
CVE-2021-45772
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9326e1e917018f91d5d09ae6b764c36dcad48bce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9326e1e917018f91d5d09ae6b764c36dcad48bce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220115/152cc528/attachment.htm>
More information about the debian-security-tracker-commits
mailing list