[Git][security-tracker-team/security-tracker][master] new chafa non issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 14 15:09:10 BST 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
47019d5c by Moritz Muehlenhoff at 2022-06-14T16:08:31+02:00
new chafa non issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -477,7 +477,10 @@ CVE-2022-2063 (Improper Privilege Management in GitHub repository nocodb/nocodb
 CVE-2022-2062 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
 	NOT-FOR-US: nocodb
 CVE-2022-2061 (Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior  ...)
-	TODO: check
+	- chafa <unfixed> (unimportant)
+	NOTE: https://github.com/hpjansson/chafa/commit/e6ce3746cdcf0836b9dae659a5aed15d73a080d8
+	NOTE: https://huntr.dev/bounties/365ab61f-9a63-421c-97e6-21d4653021f0/
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-2060 (Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/doli ...)
 	- dolibarr <removed>
 CVE-2022-2059



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47019d5cf57a3d52b563a7f853dfa1a748a45f1c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47019d5cf57a3d52b563a7f853dfa1a748a45f1c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220614/68129af0/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list