[Git][security-tracker-team/security-tracker][master] Add new grub2 and shim issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 7 21:07:19 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
91796bac by Salvatore Bonaccorso at 2022-06-07T22:06:42+02:00
Add new grub2 and shim issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10591,14 +10591,24 @@ CVE-2022-28738 (A double free was found in the Regexp compiler in Ruby 3.x befor
 	NOTE: https://www.ruby-lang.org/en/news/2022/04/12/double-free-in-regexp-compilation-cve-2022-28738/
 CVE-2022-28737
 	RESERVED
+	- shim <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28736
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28735
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28734
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28733
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28732
 	RESERVED
 CVE-2022-28731
@@ -56175,10 +56185,16 @@ CVE-2021-3698 (A flaw was found in Cockpit in versions prior to 260 in the way i
 	NOTE: https://cockpit-project.org/blog/cockpit-260.html
 CVE-2021-3697
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2021-3696
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2021-3695
 	RESERVED
+	- grub2 <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2021-40084 (opensysusers through 0.6 does not safely use eval on files in sysusers ...)
 	- opensysusers 0.6-3 (bug #992058)
 	[bullseye] - opensysusers <no-dsa> (Minor issue; if fixed upstream address via point release)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91796baca298a0f792442bfbbd307524dc0f109d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91796baca298a0f792442bfbbd307524dc0f109d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220607/1b9aca7b/attachment.htm>

More information about the debian-security-tracker-commits mailing list