[Git][security-tracker-team/security-tracker][master] Reference upstream commits for liblouis issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 7 16:21:18 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7047de24 by Salvatore Bonaccorso at 2022-06-07T17:20:27+02:00
Reference upstream commits for liblouis issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1900,7 +1900,7 @@ CVE-2022-31783 (Liblouis 3.21.0 has an out-of-bounds write in compileRule in com
[bullseye] - liblouis <no-dsa> (Minor issue)
[buster] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/1214
- NOTE: https://github.com/liblouis/liblouis/commit/ff747ec5e1ac54d54194846f6fe5bfc689192a85
+ NOTE: https://github.com/liblouis/liblouis/commit/2e4772befb2b1c37cb4b9d6572945115ee28630a (v3.22.0)
CVE-2022-31782 (ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ...)
- freetype <unfixed> (unimportant)
NOTE: https://gitlab.freedesktop.org/freetype/freetype-demos/-/issues/8
@@ -15836,6 +15836,8 @@ CVE-2022-26981 (Liblouis through 3.21.0 has a buffer overflow in compilePassOpco
[bullseye] - liblouis <no-dsa> (Minor issue)
[buster] - liblouis <no-dsa> (Minor issue)
NOTE: https://github.com/liblouis/liblouis/issues/1171
+ NOTE: https://github.com/liblouis/liblouis/pull/1185
+ NOTE: https://github.com/liblouis/liblouis/commit/73751be7a5617bfff4a735ae095203a2d3ec50ef (v3.22.0)
CVE-2022-26980 (Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO. ...)
- teampass <itp> (bug #730180)
CVE-2022-0942 (Stored XSS due to Unrestricted File Upload in GitHub repository star7t ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7047de2473cb3f01136a31acc89e1f2f21a13244
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7047de2473cb3f01136a31acc89e1f2f21a13244
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220607/6410dda6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list