[Git][security-tracker-team/security-tracker][master] jqueryui, phpmailer fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jul 28 11:38:12 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ec617780 by Moritz Muehlenhoff at 2022-07-28T12:37:42+02:00
jqueryui, phpmailer fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14934,7 +14934,7 @@ CVE-2022-31162 (Slack Morphism is an async client library for Rust. Prior to 0.4
CVE-2022-31161 (Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived ...)
NOT-FOR-US: Roxy-WI
CVE-2022-31160 (jQuery UI is a curated set of user interface interactions, effects, wi ...)
- - jqueryui <unfixed> (bug #1015982)
+ - jqueryui 1.13.2+dfsg-1 (bug #1015982)
NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-h6gj-6jjq-h8g9
NOTE: https://github.com/jquery/jquery-ui/commit/8cc5bae1caa1fcf96bf5862c5646c787020ba3f9
CVE-2022-31159 (The AWS SDK for Java enables Java developers to work with Amazon Web S ...)
@@ -77039,7 +77039,7 @@ CVE-2021-3605 (There's a flaw in OpenEXR's rleUncompress functionality in versio
NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3204008c0bd4c8d7599a052b304d1b44c4511283 (v2.5)
NOTE: not to be confused with CVE-2020-11760 whose fix is similar but applied around 10 lines above, in the other branch of the 'if'
CVE-2021-3603 (PHPMailer 6.4.1 and earlier contain a vulnerability that can result in ...)
- - libphp-phpmailer <unfixed> (bug #991666)
+ - libphp-phpmailer 6.6.3-1 (bug #991666)
[bullseye] - libphp-phpmailer <no-dsa> (Minor issue)
[buster] - libphp-phpmailer <no-dsa> (Minor issue)
[stretch] - libphp-phpmailer <postponed> (Minor issue, fix along with next DLA)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec6177809111754e1bb3e74314414f52072b037c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec6177809111754e1bb3e74314414f52072b037c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220728/d06af937/attachment.htm>
More information about the debian-security-tracker-commits
mailing list