[Git][security-tracker-team/security-tracker][master] various bugs filed

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jul 6 16:41:03 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
37db3bee by Moritz Muehlenhoff at 2022-07-06T17:40:51+02:00
various bugs filed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11807,7 +11807,7 @@ CVE-2022-30793
 	RESERVED
 CVE-2022-30790 (Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2 ...)
 	[experimental] - u-boot 2022.07~rc4+dfsg-1
-	- u-boot <unfixed>
+	- u-boot <unfixed> (bug #1014470)
 	[bullseye] - u-boot <no-dsa> (Minor issue)
 	[buster] - u-boot <no-dsa> (Minor issue)
 	[stretch] - u-boot <no-dsa> (Minor issue)
@@ -11911,7 +11911,7 @@ CVE-2022-30768
 	RESERVED
 CVE-2022-30767 (nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and throu ...)
 	[experimental] - u-boot 2022.07~rc4+dfsg-1
-	- u-boot <unfixed>
+	- u-boot <unfixed> (bug #1014471)
 	[bullseye] - u-boot <ignored> (Minor issue)
 	[buster] - u-boot <not-affected> (Incorrect fix for CVE-2019-14196 not applied)
 	[stretch] - u-boot <not-affected> (Incorrect fix for CVE-2019-14196 not applied)
@@ -12420,7 +12420,7 @@ CVE-2022-30553
 	RESERVED
 CVE-2022-30552 (Das U-Boot 2022.01 has a Buffer Overflow. ...)
 	[experimental] - u-boot 2022.07~rc4+dfsg-1
-	- u-boot <unfixed>
+	- u-boot <unfixed> (bug #1014470)
 	[bullseye] - u-boot <no-dsa> (Minor issue)
 	[buster] - u-boot <no-dsa> (Minor issue)
 	[stretch] - u-boot <no-dsa> (Minor issue)
@@ -62939,13 +62939,14 @@ CVE-2021-38580
 CVE-2021-38579
 	RESERVED
 CVE-2021-38578 (Existing CommBuffer checks in SmmEntryPoint will not catch underflow w ...)
-	- edk2 <undetermined>
+	- edk2 <unfixed> (bug #1014468)
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=3387 (private)
+	NOTE: https://edk2.groups.io/g/devel/message/90516
 CVE-2021-38577 (Heap Overflow in BaseBmpSupportLib. ...)
-	- edk2 <undetermined>
+	- edk2 <unfixed> (bug #1014468)
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=3360 (private)
 CVE-2021-38576 (A BIOS bug in firmware for a particular PC model leaves the Platform a ...)
-	- edk2 <undetermined>
+	- edk2 <unfixed> (bug #1014468)
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=3499 (private)
 CVE-2021-38575 (NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. ...)
 	- edk2 2021.08-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37db3beebb5cb87274ed7fc9fddafdb4b1cd9e40

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37db3beebb5cb87274ed7fc9fddafdb4b1cd9e40
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220706/b0f7fbcb/attachment.htm>

More information about the debian-security-tracker-commits mailing list