[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5bf53797 by Moritz Muehlenhoff at 2022-07-06T13:27:41+02:00
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -70,6 +70,8 @@ CVE-2022-2310
 	RESERVED
 CVE-2022-2309 (NULL Pointer Dereference allows attackers to cause a denial of service ...)
 	- lxml <unfixed>
+	[bullseye] - lxml <no-dsa> (Minor issue)
+	[buster] - lxml <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba/
 	NOTE: https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f (lxml-4.9.1)
 CVE-2022-2308
@@ -689,6 +691,8 @@ CVE-2022-2305
 	RESERVED
 CVE-2022-2304 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...)
 	- vim <unfixed>
+	[bullseye] - vim <no-dsa> (Minor issue)
+	[buster] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/eb7402f3-025a-402f-97a7-c38700d9548a/
 	NOTE: https://github.com/vim/vim/commit/54e5fed6d27b747ff152cdb6edfb72ff60e70939 (v9.0.0035)
 CVE-2022-2303
@@ -10730,10 +10734,14 @@ CVE-2022-31118
 	RESERVED
 CVE-2022-31117 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)
 	- ujson <unfixed>
+	[bullseye] - ujson <no-dsa> (Minor issue)
+	[buster] - ujson <no-dsa> (Minor issue)
 	NOTE: https://github.com/ultrajson/ultrajson/security/advisories/GHSA-fm67-cv37-96ff
 	NOTE: https://github.com/ultrajson/ultrajson/commit/9c20de0f77b391093967e25d01fb48671104b15b (5.4.0)
 CVE-2022-31116 (UltraJSON is a fast JSON encoder and decoder written in pure C with bi ...)
 	- ujson <unfixed>
+	[bullseye] - ujson <no-dsa> (Minor issue)
+	[buster] - ujson <no-dsa> (Minor issue)
 	NOTE: https://github.com/ultrajson/ultrajson/security/advisories/GHSA-wpqr-jcpx-745r
 	NOTE: https://github.com/ultrajson/ultrajson/commit/67ec07183342589d602e0fcf7bb1ff3e19272687 (5.4.0)
 CVE-2022-31115 (opensearch-ruby is a community-driven, open source fork of elasticsear ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bf53797deaef3c37897f131f79b84fcd6728008

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bf53797deaef3c37897f131f79b84fcd6728008
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220706/e240ad43/attachment.htm>