[Git][security-tracker-team/security-tracker][master] horizon n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Jul 10 21:15:38 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c6b1eb63 by Moritz Muehlenhoff at 2022-07-10T22:15:24+02:00
horizon n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12990,11 +12990,10 @@ CVE-2022-1656 (Vulnerable versions of the JupiterX Theme (<=2.0.6) allow any
NOT-FOR-US: JupiterX Theme
CVE-2022-1655
RESERVED
- - horizon <unfixed>
- [bullseye] - horizon <no-dsa> (Minor issue)
- [buster] - horizon <no-dsa> (Minor issue)
- [stretch] - horizon <no-dsa> (Minor issue)
+ - horizon <not-affected> (Red Hat-specific packaging issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2075681
+ NOTE: Seems to be specific to the way Red Hat distributes Horizon, the Debian
+ NOTE: package defaults to SESSION_COOKIE_HTTPONLY = True
CVE-2022-1654 (Jupiter Theme <= 6.10.1 and JupiterX Core Plugin <= 2.0.7 allow ...)
NOT-FOR-US: Jupiter Theme and JupiterX Core Plugin
CVE-2022-1653 (The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 do ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6b1eb63bf4d7c822b10647155ef5b50cee9b783
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6b1eb63bf4d7c822b10647155ef5b50cee9b783
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220710/62566aab/attachment.htm>
More information about the debian-security-tracker-commits
mailing list