[Git][security-tracker-team/security-tracker][master] automatic update

Mon Jan 17 08:10:21 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb053b68 by security tracker role at 2022-01-17T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2022-23304 (The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplica ...)
+	TODO: check
+CVE-2022-23303 (The implementations of SAE in hostapd before 2.10 and wpa_supplicant b ...)
+	TODO: check
+CVE-2022-0245
+	RESERVED
+CVE-2022-0244
+	RESERVED
+CVE-2022-0243
+	RESERVED
 CVE-2022-23302
 	RESERVED
 CVE-2022-22142
@@ -10,8 +20,8 @@ CVE-2022-0241
 	RESERVED
 CVE-2022-0240
 	RESERVED
-CVE-2022-0239
-	RESERVED
+CVE-2022-0239 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...)
+	TODO: check
 CVE-2022-0238 (phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 	- phoronix-test-suite <removed>
 CVE-2022-23301
@@ -4833,8 +4843,8 @@ CVE-2021-45494 (Certain NETGEAR devices are affected by an attacker's ability to
 	NOT-FOR-US: Netgear
 CVE-2021-45493 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
 	NOT-FOR-US: Netgear
-CVE-2021-4170
-	RESERVED
+CVE-2021-4170 (calibre-web is vulnerable to Improper Neutralization of Input During W ...)
+	TODO: check
 CVE-2021-4169 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
 	NOT-FOR-US: livehelperchat
 CVE-2021-45492
@@ -78518,7 +78528,7 @@ CVE-2020-29052
 CVE-2020-29051
 	RESERVED
 CVE-2020-29050 (SphinxSearch in Sphinx Technologies Sphinx through 3.1.1 allows direct ...)
-	{DSA-5036-1}
+	{DSA-5036-1 DLA-2882-1}
 	- sphinxsearch 2.2.11-3
 	NOTE: Backported for sphinxsearch from: https://github.com/manticoresoftware/manticoresearch/commit/66b5761ad258c60b1866a8e1333f86e74f48035
 	NOTE: and https://github.com/manticoresoftware/manticoresearch/commit/6e597ff61e1e910559f6ed541ff32520085af6aa



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb053b68de29f37d5961fd0e361b3f7ed1d2fd66

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb053b68de29f37d5961fd0e361b3f7ed1d2fd66
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220117/6237f43d/attachment.htm>
