[Git][security-tracker-team/security-tracker][master] bugnums

Fri Jul 15 12:19:55 BST 2022


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c03c8a5 by Moritz Muehlenhoff at 2022-07-15T13:19:42+02:00
bugnums
add reference for 389-ds-base issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32,7 +32,7 @@ CVE-2022-35864
 	RESERVED
 CVE-2022-2414
 	RESERVED
-	- dogtag-pki <unfixed>
+	- dogtag-pki <unfixed> (bug #1014957)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2104676
 	NOTE: https://github.com/dogtagpki/pki/pull/4021
 	NOTE: https://github.com/dogtagpki/pki/commit/4e893243d72ad766558c10c907841f5f9c047055
@@ -1036,7 +1036,7 @@ CVE-2022-35416 (H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnl
 CVE-2022-35415
 	RESERVED
 CVE-2022-35414 (softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized r ...)
-	- qemu <unfixed>
+	- qemu <unfixed> (bug #1014958)
 	NOTE: https://gitlab.com/qemu-project/qemu/-/issues/1065
 	NOTE: https://github.com/qemu/qemu/commit/418ade7849ce7641c0f7333718caf5091a02fd4c
 	NOTE: https://sick.codes/sick-2022-113
@@ -1118,7 +1118,7 @@ CVE-2022-2348
 	RESERVED
 CVE-2022-2347 [Unchecked Download Size and Direction in U-Boot USB DFU]
 	RESERVED
-	- u-boot <unfixed>
+	- u-boot <unfixed> (bug #1014959)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/08/2
 CVE-2022-35399
 	REJECTED
@@ -4826,7 +4826,7 @@ CVE-2022-33981 (drivers/block/floppy.c in the Linux kernel before 5.17.6 is vuln
 	NOTE: https://www.openwall.com/lists/oss-security/2022/04/28/1
 	NOTE: https://git.kernel.org/linus/233087ca063686964a53c829d547c7571e3f67bf (5.18-rc5)
 CVE-2022-33980 (Apache Commons Configuration performs variable interpolation, allowing ...)
-	- commons-configuration2 <unfixed>
+	- commons-configuration2 <unfixed> (bug #1014960)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/06/5
 CVE-2022-2129 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
 	- vim <unfixed>
@@ -24996,9 +24996,9 @@ CVE-2022-0920 (The Salon booking system Free and Pro WordPress plugins before 7.
 CVE-2022-0919 (The Salon booking system Free and pro WordPress plugins before 7.6.3 d ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-0918 (A vulnerability was discovered in the 389 Directory Server that allows ...)
-	- 389-ds-base <undetermined>
+	- 389-ds-base <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2055815
-	TODO: check details
+	NOTE: https://github.com/389ds/389-ds-base/issues/5242
 CVE-2022-0917
 	RESERVED
 CVE-2022-0916 (An issue was discovered in Logitech Options. The OAuth 2.0 state param ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c03c8a5e40456784e82e41338e8757332be8deb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c03c8a5e40456784e82e41338e8757332be8deb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220715/250ea4cb/attachment.htm>
