[Git][security-tracker-team/security-tracker][master] Update status for libguestfs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed07c6d5 by Moritz Muehlenhoff at 2022-06-29T13:57:43+02:00
Update status for libguestfs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -704,9 +704,13 @@ CVE-2022-34494 (rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in
 	NOTE: https://git.kernel.org/linus/1680939e9ecf7764fba8689cfb3429c2fe2bb23c (5.19-rc1)
 CVE-2022-2211 [Buffer overflow in get_keys leads to Dos]
 	RESERVED
-	- libguestfs <undetermined>
+	- libguestfs 1:1.46.2-1
+	[bullseye] - libguestfs <no-dsa> (Minor issue)
+	[buster] - libguestfs <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2100862
-	TODO: check, upstream references, mentioned code is actually in src:guestfs-tools
+	NOTE: In 1:1.46.2-1 of src:libguestfs the tools were split out to src:guestfs-tools, marking that as fixed version
+	NOTE: https://listman.redhat.com/archives/libguestfs/2022-June/029274.html
+	NOTE: https://listman.redhat.com/archives/libguestfs/2022-June/029277.html
 CVE-2022-2210 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
 	- vim <unfixed> (unimportant)
 	NOTE: https://huntr.dev/bounties/020845f8-f047-4072-af0f-3726fe1aea25



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed07c6d5319cd30c05e5e17bc33ef57cd6e1cdc5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed07c6d5319cd30c05e5e17bc33ef57cd6e1cdc5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220629/16f65fb5/attachment.htm>