[Git][security-tracker-team/security-tracker][master] Add CVE-2022-30973/tika with TODO
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 2 08:37:59 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac846bbc by Salvatore Bonaccorso at 2022-06-02T09:37:30+02:00
Add CVE-2022-30973/tika with TODO
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3263,7 +3263,9 @@ CVE-2022-1771 (Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.
CVE-2019-25061 (The random_password_generator (aka RandomPasswordGenerator) gem throug ...)
NOT-FOR-US: bvsatyaram/random_password_generator
CVE-2022-30973 (We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the ...)
- TODO: check
+ - tika <unfixed>
+ NOTE: http://www.openwall.com/lists/oss-security/2022/05/31/2
+ TODO: check how we want to handle that, because technically this is CVE is for the missing fix for CVE-2022-30126 in upstream 1.x patching specific
CVE-2022-1770 (Improper Privilege Management in GitHub repository polonel/trudesk pri ...)
NOT-FOR-US: Trudesk
CVE-2022-1769 (Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac846bbc589de1dce29a1a773d45b9f13d91f7fb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac846bbc589de1dce29a1a773d45b9f13d91f7fb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220602/6d7c49cf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list