[Git][security-tracker-team/security-tracker][master] also track guestfs-tools for CVE-2022-2211
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 29 14:17:28 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7b53a18c by Moritz Muehlenhoff at 2022-06-29T15:17:08+02:00
also track guestfs-tools for CVE-2022-2211
xpdf n/a
knot-resolver unimportant
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -707,6 +707,7 @@ CVE-2022-2211 [Buffer overflow in get_keys leads to Dos]
- libguestfs 1:1.46.2-1
[bullseye] - libguestfs <no-dsa> (Minor issue)
[buster] - libguestfs <no-dsa> (Minor issue)
+ - guestfs-tools <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2100862
NOTE: In 1:1.46.2-1 of src:libguestfs the tools were split out to src:guestfs-tools, marking that as fixed version
NOTE: https://listman.redhat.com/archives/libguestfs/2022-June/029274.html
@@ -4126,7 +4127,7 @@ CVE-2022-33110
CVE-2022-33109
RESERVED
CVE-2022-33108 (XPDF v4.04 was discovered to contain a stack overflow vulnerability vi ...)
- TODO: check
+ - xpdf <not-affected> (Debian uses poppler, which is not affected)
CVE-2022-33107
RESERVED
CVE-2022-33106
@@ -4483,9 +4484,8 @@ CVE-2022-32985
CVE-2022-32984
RESERVED
CVE-2022-32983 (Knot Resolver through 5.5.1 may allow DNS cache poisoning when there i ...)
- - knot-resolver <unfixed>
- NOTE: Documentation update: https://github.com/CZ-NIC/knot-resolver/commit/ccb9d9794db5eb757c33becf65cb1cf48ecfd968
- TODO: check details
+ - knot-resolver <unfixed> (unimportant)
+ NOTE: Just a clarifyin documentation update: https://github.com/CZ-NIC/knot-resolver/commit/ccb9d9794db5eb757c33becf65cb1cf48ecfd968
CVE-2022-32982
RESERVED
CVE-2022-32981 (An issue was discovered in the Linux kernel through 5.18.3 on powerpc ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b53a18c69912f44bb9926968da3d42633ac4fb5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b53a18c69912f44bb9926968da3d42633ac4fb5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220629/7d9bcd99/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list