[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-33070/protobuf-c
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jul 11 05:17:16 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7f7656e5 by Salvatore Bonaccorso at 2022-07-11T06:16:47+02:00
Reference upstream commit for CVE-2022-33070/protobuf-c
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5895,6 +5895,7 @@ CVE-2022-33070 (Protobuf-c v1.4.0 was discovered to contain an invalid arithmeti
[buster] - protobuf-c <no-dsa> (Minor issue)
NOTE: https://github.com/protobuf-c/protobuf-c/issues/506
NOTE: https://github.com/protobuf-c/protobuf-c/pull/508
+ NOTE: https://github.com/protobuf-c/protobuf-c/commit/6e389ce2c34355d36009a8fb1666bed29fa2d4f4 (v1.4.1)
CVE-2022-33069 (Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder ...)
NOT-FOR-US: Ethereum
CVE-2022-33068 (An integer overflow in the component hb-ot-shape-fallback.cc of Harfbu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f7656e53a3d8a333a0521c94b31985c349b45fa
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f7656e53a3d8a333a0521c94b31985c349b45fa
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220711/fd85f1ed/attachment.htm>
More information about the debian-security-tracker-commits
mailing list