[Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-3403{3,5}/htmldoc
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jul 31 12:56:34 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
598dce1d by Salvatore Bonaccorso at 2022-07-31T13:55:12+02:00
Update information on CVE-2022-3403{3,5}/htmldoc
The CVE description seems missleading at this point. The upstream commit
referenced are contained in 1.9.12 and included in the 1.9.12-1 upload.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7584,16 +7584,16 @@ CVE-2022-34037 (An out-of-bounds read in the rewrite function at /modules/caddyh
CVE-2022-34036
RESERVED
CVE-2022-34035 (HTMLDoc v1.9.12 and below was discovered to contain a heap overflow vi ...)
- - htmldoc <unfixed> (unimportant)
+ - htmldoc 1.9.12-1 (unimportant)
NOTE: https://github.com/michaelrsweet/htmldoc/issues/426
- NOTE: https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3
+ NOTE: https://github.com/michaelrsweet/htmldoc/commit/ee778252faebb721afba5a081dd6ad7eaf20eef3 (v1.9.12)
NOTE: Crash in CLI tool, no security impact
CVE-2022-34034
RESERVED
CVE-2022-34033 (HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_h ...)
- - htmldoc <unfixed> (unimportant)
+ - htmldoc 1.9.12-1 (unimportant)
NOTE: https://github.com/michaelrsweet/htmldoc/issues/425
- NOTE: https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e
+ NOTE: https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e (v1.9.12)
CVE-2022-34032 (Nginx NJS v0.7.5 was discovered to contain a segmentation violation in ...)
NOT-FOR-US: njs
CVE-2022-34031 (Nginx NJS v0.7.5 was discovered to contain a segmentation violation vi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/598dce1d313584b5e45edb9317140452449d2ae4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/598dce1d313584b5e45edb9317140452449d2ae4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220731/34b2c7a3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list