[Git][security-tracker-team/security-tracker][master] dcmtk no-dsa

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
76a8568e by Moritz Muehlenhoff at 2022-07-26T21:52:26+02:00
dcmtk no-dsa
record one linux upstream fix
cleanup REJECTED entries

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5560,7 +5560,6 @@ CVE-2022-2210 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ..
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-2209
 	REJECTED
-	- linux <unfixed>
 CVE-2022-2208 (NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.516 ...)
 	- vim <unfixed> (unimportant)
 	NOTE: https://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1
@@ -8884,10 +8883,8 @@ CVE-2022-27804
 	RESERVED
 CVE-2022-2077
 	REJECTED
-	NOT-FOR-US: Microsoft
 CVE-2022-2076
 	REJECTED
-	NOT-FOR-US: Microsoft
 CVE-2022-2075
 	RESERVED
 CVE-2022-2074
@@ -50746,6 +50743,7 @@ CVE-2022-21505
 	RESERVED
 	- linux <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/19/4
+	NOTE: https://git.kernel.org/linus/543ce63b664e2c2f9533d089a4664b559c3e6b5b (v5.19-rc8)
 CVE-2022-21504 (The code in UEK6 U3 was missing an appropiate file descriptor count to ...)
 	NOT-FOR-US: Oracle
 CVE-2022-21503 (Vulnerability in the Oracle Cloud Infrastructure product of Oracle Clo ...)
@@ -59133,15 +59131,23 @@ CVE-2021-41691
 	RESERVED
 CVE-2021-41690 (DCMTK through 3.6.6 does not handle memory free properly. The malloced ...)
 	- dcmtk 3.6.7-1
+	[bullseye] - dcmtk <no-dsa> (Minor issue)
+	[buster] - dcmtk <no-dsa> (Minor issue)
 	NOTE: https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb (DCMTK-3.6.7)
 CVE-2021-41689 (DCMTK through 3.6.6 does not handle string copy properly. Sending spec ...)
 	- dcmtk 3.6.7-1
+	[bullseye] - dcmtk <no-dsa> (Minor issue)
+	[buster] - dcmtk <no-dsa> (Minor issue)
 	NOTE: https://github.com/DCMTK/dcmtk/commit/5c14bf53fb42ceca12bbcc0016e8704b1580920d (DCMTK-3.6.7)
 CVE-2021-41688 (DCMTK through 3.6.6 does not handle memory free properly. The object i ...)
 	- dcmtk 3.6.7-1
+	[bullseye] - dcmtk <no-dsa> (Minor issue)
+	[buster] - dcmtk <no-dsa> (Minor issue)
 	NOTE: https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb (DCMTK-3.6.7)
 CVE-2021-41687 (DCMTK through 3.6.6 does not handle memory free properly. The program  ...)
 	- dcmtk 3.6.7-1
+	[bullseye] - dcmtk <no-dsa> (Minor issue)
+	[buster] - dcmtk <no-dsa> (Minor issue)
 	NOTE: https://github.com/DCMTK/dcmtk/commit/a9697dfeb672b0b9412c00c7d36d801e27ec85cb (DCMTK-3.6.7)
 CVE-2021-41686
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76a8568e7af367a01342e5c5c09dac3acaa5f300

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76a8568e7af367a01342e5c5c09dac3acaa5f300
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220726/c48e9681/attachment.htm>