[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 30 21:10:33 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1cd025d7 by security tracker role at 2022-06-30T20:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,115 @@
+CVE-2022-34875
+ RESERVED
+CVE-2022-34874
+ RESERVED
+CVE-2022-34873
+ RESERVED
+CVE-2022-34872
+ RESERVED
+CVE-2022-34871
+ RESERVED
+CVE-2022-34870
+ RESERVED
+CVE-2022-34858
+ RESERVED
+CVE-2022-34853
+ RESERVED
+CVE-2022-34847
+ RESERVED
+CVE-2022-34839
+ RESERVED
+CVE-2022-34838
+ RESERVED
+CVE-2022-34837
+ RESERVED
+CVE-2022-34836
+ RESERVED
+CVE-2022-34654
+ RESERVED
+CVE-2022-34650
+ RESERVED
+CVE-2022-34487
+ RESERVED
+CVE-2022-34347
+ RESERVED
+CVE-2022-34155
+ RESERVED
+CVE-2022-34149
+ RESERVED
+CVE-2022-34148
+ RESERVED
+CVE-2022-33974
+ RESERVED
+CVE-2022-33965
+ RESERVED
+CVE-2022-33961
+ RESERVED
+CVE-2022-33960
+ RESERVED
+CVE-2022-33901
+ RESERVED
+CVE-2022-33900
+ RESERVED
+CVE-2022-33198
+ RESERVED
+CVE-2022-33191
+ RESERVED
+CVE-2022-33177
+ RESERVED
+CVE-2022-32970
+ RESERVED
+CVE-2022-32776
+ RESERVED
+CVE-2022-32587
+ RESERVED
+CVE-2022-30998
+ RESERVED
+CVE-2022-30705
+ RESERVED
+CVE-2022-29495
+ RESERVED
+CVE-2022-29489
+ RESERVED
+CVE-2022-27235
+ RESERVED
+CVE-2022-26366
+ RESERVED
+CVE-2022-25952
+ RESERVED
+CVE-2022-2276
+ RESERVED
+CVE-2022-2275
+ RESERVED
+CVE-2022-2274
+ RESERVED
+CVE-2022-2273
+ RESERVED
+CVE-2022-2272
+ RESERVED
+CVE-2022-2271
+ RESERVED
+CVE-2022-2270
+ RESERVED
+CVE-2022-2269
+ RESERVED
+CVE-2022-2268
+ RESERVED
+CVE-2022-2267
+ RESERVED
+CVE-2022-2266
+ RESERVED
+CVE-2022-2265
+ RESERVED
+CVE-2022-2264
+ RESERVED
+CVE-2022-2263
+ RESERVED
+CVE-2022-2262
+ RESERVED
+CVE-2022-2261
+ RESERVED
+CVE-2022-2260
+ RESERVED
CVE-2022-34835 (In Das U-Boot through 2022.07-rc5, an integer signedness error and res ...)
- u-boot <unfixed>
[bullseye] - u-boot <no-dsa> (Minor issue)
@@ -46,131 +158,89 @@ CVE-2022-34820
RESERVED
CVE-2022-34819
RESERVED
-CVE-2022-34818
- RESERVED
+CVE-2022-34818 (Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perfo ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34817
- RESERVED
+CVE-2022-34817 (A cross-site request forgery (CSRF) vulnerability in Jenkins Failed Jo ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34816
- RESERVED
+CVE-2022-34816 (Jenkins HPE Network Virtualization Plugin 1.0 stores passwords unencry ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34815
- RESERVED
+CVE-2022-34815 (A cross-site request forgery (CSRF) vulnerability in Jenkins Request R ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34814
- RESERVED
+CVE-2022-34814 (Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier does not cor ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34813
- RESERVED
+CVE-2022-34813 (A missing permission check in Jenkins XPath Configuration Viewer Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34812
- RESERVED
+CVE-2022-34812 (A cross-site request forgery (CSRF) vulnerability in Jenkins XPath Con ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34811
- RESERVED
+CVE-2022-34811 (A missing permission check in Jenkins XPath Configuration Viewer Plugi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34810
- RESERVED
+CVE-2022-34810 (A missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34809
- RESERVED
+CVE-2022-34809 (Jenkins RQM Plugin 2.8 and earlier stores a password unencrypted in it ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34808
- RESERVED
+CVE-2022-34808 (Jenkins Cisco Spark Plugin 1.1.1 and earlier stores bearer tokens unen ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34807
- RESERVED
+CVE-2022-34807 (Jenkins Elasticsearch Query Plugin 1.2 and earlier stores a password u ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34806
- RESERVED
+CVE-2022-34806 (Jenkins Jigomerge Plugin 0.9 and earlier stores passwords unencrypted ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34805
- RESERVED
+CVE-2022-34805 (Jenkins Skype notifier Plugin 1.1.0 and earlier stores a password unen ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34804
- RESERVED
+CVE-2022-34804 (Jenkins OpsGenie Plugin 1.9 and earlier transmits API keys in plain te ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34803
- RESERVED
+CVE-2022-34803 (Jenkins OpsGenie Plugin 1.9 and earlier stores API keys unencrypted in ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34802
- RESERVED
+CVE-2022-34802 (Jenkins RocketChat Notifier Plugin 1.5.2 and earlier stores the login ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34801
- RESERVED
+CVE-2022-34801 (Jenkins Build Notifications Plugin 1.5.0 and earlier transmits tokens ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34800
- RESERVED
+CVE-2022-34800 (Jenkins Build Notifications Plugin 1.5.0 and earlier stores tokens une ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34799
- RESERVED
+CVE-2022-34799 (Jenkins Deployment Dashboard Plugin 1.0.10 and earlier stores a passwo ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34798
- RESERVED
+CVE-2022-34798 (Jenkins Deployment Dashboard Plugin 1.0.10 and earlier does not perfor ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34797
- RESERVED
+CVE-2022-34797 (A cross-site request forgery (CSRF) vulnerability in Jenkins Deploymen ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34796
- RESERVED
+CVE-2022-34796 (A missing permission check in Jenkins Deployment Dashboard Plugin 1.0. ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34795
- RESERVED
+CVE-2022-34795 (Jenkins Deployment Dashboard Plugin 1.0.10 and earlier does not escape ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34794
- RESERVED
+CVE-2022-34794 (Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier all ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34793
- RESERVED
+CVE-2022-34793 (Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parse ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34792
- RESERVED
+CVE-2022-34792 (A cross-site request forgery (CSRF) vulnerability in Jenkins Recipe Pl ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34791
- RESERVED
+CVE-2022-34791 (Jenkins Validating Email Parameter Plugin 1.10 and earlier does not es ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34790
- RESERVED
+CVE-2022-34790 (Jenkins eXtreme Feedback Panel Plugin 2.0.1 and earlier does not escap ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34789
- RESERVED
+CVE-2022-34789 (A cross-site request forgery (CSRF) vulnerability in Jenkins Matrix Re ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34788
- RESERVED
+CVE-2022-34788 (Jenkins Matrix Reloaded Plugin 1.1.3 and earlier does not escape the a ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34787
- RESERVED
+CVE-2022-34787 (Jenkins Project Inheritance Plugin 21.04.03 and earlier does not escap ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34786
- RESERVED
+CVE-2022-34786 (Jenkins Rich Text Publisher Plugin 1.4 and earlier does not escape the ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34785
- RESERVED
+CVE-2022-34785 (Jenkins build-metrics Plugin 1.3 and earlier does not perform permissi ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34784
- RESERVED
+CVE-2022-34784 (Jenkins build-metrics Plugin 1.3 does not escape the build description ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34783
- RESERVED
+CVE-2022-34783 (Jenkins Plot Plugin 2.1.10 and earlier does not escape plot descriptio ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34782
- RESERVED
+CVE-2022-34782 (An incorrect permission check in Jenkins requests-plugin Plugin 2.2.16 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34781
- RESERVED
+CVE-2022-34781 (Missing permission checks in Jenkins XebiaLabs XL Release Plugin 22.0. ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34780
- RESERVED
+CVE-2022-34780 (A cross-site request forgery (CSRF) vulnerability in Jenkins XebiaLabs ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34779
- RESERVED
+CVE-2022-34779 (A missing permission check in Jenkins XebiaLabs XL Release Plugin 22.0 ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34778
- RESERVED
+CVE-2022-34778 (Jenkins TestNG Results Plugin 554.va4a552116332 and earlier renders th ...)
NOT-FOR-US: Jenkins plugin
-CVE-2022-34777
- RESERVED
+CVE-2022-34777 (Jenkins GitLab Plugin 1.5.34 and earlier does not escape multiple fiel ...)
NOT-FOR-US: Jenkins plugin
CVE-2022-34776
RESERVED
@@ -993,7 +1063,7 @@ CVE-2022-2201
RESERVED
CVE-2022-2200
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1008,7 +1078,7 @@ CVE-2022-34485
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34485
CVE-2022-34484
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1025,7 +1095,7 @@ CVE-2022-34482
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34482
CVE-2022-34481
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1038,7 +1108,7 @@ CVE-2022-34480
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34480
CVE-2022-34479
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1075,7 +1145,7 @@ CVE-2022-34473
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34473
CVE-2022-34472
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1088,7 +1158,7 @@ CVE-2022-34471
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34471
CVE-2022-34470
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1101,7 +1171,7 @@ CVE-2022-34469
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-24/#CVE-2022-34469
CVE-2022-34468
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 102.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -1874,6 +1944,7 @@ CVE-2022-2154
RESERVED
CVE-2022-2153
RESERVED
+ {DLA-3065-1}
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2069736
@@ -2329,6 +2400,7 @@ CVE-2022-29895
CVE-2022-29871
RESERVED
CVE-2022-33981 (drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable ...)
+ {DLA-3065-1}
- linux 5.17.6-1
[bullseye] - linux 5.10.113-1
NOTE: https://www.openwall.com/lists/oss-security/2022/04/28/1
@@ -4146,8 +4218,7 @@ CVE-2022-2080
RESERVED
CVE-2022-2079 (Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb ...)
NOT-FOR-US: nocodb
-CVE-2022-2078
- RESERVED
+CVE-2022-2078 (A vulnerability was found in the Linux kernel's nft_set_desc_concat_pa ...)
- linux 5.18.2-1
[bullseye] - linux 5.10.120-1
[buster] - linux <not-affected> (Vulnerable code not present)
@@ -4487,8 +4558,8 @@ CVE-2022-33045
RESERVED
CVE-2022-33044
RESERVED
-CVE-2022-33043
- RESERVED
+CVE-2022-33043 (A cross-site scripting (XSS) vulnerability in the batch add function o ...)
+ TODO: check
CVE-2022-33042 (Online Railway Reservation System v1.0 was discovered to contain a SQL ...)
NOT-FOR-US: Online Railway Reservation System
CVE-2022-33041
@@ -4683,12 +4754,12 @@ CVE-2017-20053 (A vulnerability was found in XYZScripts Contact Form Manager Plu
NOT-FOR-US: XYZScripts Contact Form Manager Plugin
CVE-2017-20052 (A vulnerability classified as problematic was found in Python 2.7.13. ...)
NOT-FOR-US: pgadmin on Windows
-CVE-2022-2058
- RESERVED
-CVE-2022-2057
- RESERVED
-CVE-2022-2056
- RESERVED
+CVE-2022-2058 (Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to ...)
+ TODO: check
+CVE-2022-2057 (Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to ...)
+ TODO: check
+CVE-2022-2056 (Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to ...)
+ TODO: check
CVE-2022-2055
RESERVED
CVE-2022-2054 (Command Injection in GitHub repository nuitka/nuitka prior to 0.9. ...)
@@ -6437,6 +6508,7 @@ CVE-2019-25063 (A vulnerability was found in Sricam IP CCTV Camera. It has been
CVE-2019-25062 (A vulnerability was found in Sricam IP CCTV Camera and classified as c ...)
NOT-FOR-US: Sricam IP CCTV Camera
CVE-2022-32296 (The Linux kernel before 5.17.9 allows TCP servers to identify clients ...)
+ {DLA-3065-1}
- linux 5.17.11-1
NOTE: https://git.kernel.org/linus/4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5 (5.18-rc6)
CVE-2022-32287
@@ -6526,7 +6598,7 @@ CVE-2022-32252 (A vulnerability has been identified in SINEMA Remote Connect Ser
CVE-2022-32251 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
NOT-FOR-US: Siemens
CVE-2022-32250 (net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allow ...)
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.18.2-1
NOTE: https://www.openwall.com/lists/oss-security/2022/05/31/1
NOTE: https://git.kernel.org/linus/520778042ccca019f3ffa136dd0ca565c486cedd
@@ -6682,13 +6754,13 @@ CVE-2022-1976
NOTE: https://www.openwall.com/lists/oss-security/2022/06/14/2
CVE-2022-1975 [NFC: netlink: fix sleep in atomic bug when firmware download timeout]
RESERVED
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.17.11-1
NOTE: https://www.openwall.com/lists/oss-security/2022/06/05/2
NOTE: https://git.kernel.org/linus/4071bf121d59944d5cd2238de0642f3d7995a997 (5.18-rc6)
CVE-2022-1974
RESERVED
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.17.11-1
NOTE: https://www.openwall.com/lists/oss-security/2022/06/05/1
NOTE: https://git.kernel.org/linus/da5c0f119203ad9728920456a0f52a6d850c01cd (5.18-rc6)
@@ -6901,8 +6973,8 @@ CVE-2022-1957
RESERVED
CVE-2022-1956
RESERVED
-CVE-2022-1955
- RESERVED
+CVE-2022-1955 (Session 1.13.0 allows an attacker with physical access to the victim's ...)
+ TODO: check
CVE-2022-1954
RESERVED
CVE-2022-1953 (The Product Configurator for WooCommerce WordPress plugin before 1.2.3 ...)
@@ -7907,7 +7979,7 @@ CVE-2022-31745
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/#CVE-2022-31745
CVE-2022-31744
RESERVED
- {DSA-5172-1}
+ {DSA-5172-1 DLA-3064-1}
- firefox 101.0-1
- firefox-esr 91.11.0esr-1
- thunderbird <unfixed>
@@ -8523,8 +8595,7 @@ CVE-2022-1853
- chromium 102.0.5005.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-1852 [KVM: x86: avoid calling x86 emulator without a decoded instruction]
- RESERVED
+CVE-2022-1852 (A NULL pointer dereference flaw was found in the Linux kernel’s ...)
{DSA-5161-1}
- linux 5.18.2-1
[buster] - linux <not-affected> (Vulnerable code not present)
@@ -9665,8 +9736,8 @@ CVE-2022-31114
RESERVED
CVE-2022-31113
RESERVED
-CVE-2022-31112
- RESERVED
+CVE-2022-31112 (Parse Server is an open source backend that can be deployed to any inf ...)
+ TODO: check
CVE-2022-31111
RESERVED
CVE-2022-31110 (RSSHub is an open source, extensible RSS feed generator. In commits pr ...)
@@ -10358,6 +10429,7 @@ CVE-2022-1735 (Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2
NOTE: https://github.com/vim/vim/commit/7ce5b2b590256ce53d6af28c1d203fb3bc1d2d97 (v8.2.4969)
NOTE: Crash in CLI tool, no security impact
CVE-2022-1734 (A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in driver ...)
+ {DLA-3065-1}
- linux 5.17.11-1 (unimportant)
[bullseye] - linux 5.10.120-1
NOTE: https://git.kernel.org/linus/d270453a0d9ec10bb8a802a142fb1b3601a83098 (5.18-rc6)
@@ -10375,7 +10447,7 @@ CVE-2022-1730 (Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/d
NOT-FOR-US: jgraph/drawio
CVE-2022-1729 [perf: Fix sys_perf_event_open() race against self]
RESERVED
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.17.11-1
NOTE: https://www.openwall.com/lists/oss-security/2022/05/20/2
NOTE: https://git.kernel.org/linus/3ac6487e584a1eb54071dbe1212e05b884136704
@@ -11294,6 +11366,7 @@ CVE-2022-1678 (An issue was discovered in the Linux Kernel from 4.18 to 4.19, an
NOTE: https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing@gmail.com/
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0a70f118475e037732557796accd0878a00fc25a
CVE-2022-30594 (The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTR ...)
+ {DLA-3065-1}
- linux 5.17.3-1
[bullseye] - linux 5.10.113-1
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2276
@@ -13339,7 +13412,7 @@ CVE-2022-1518 (LRM contains a directory traversal vulnerability that can allow a
CVE-2022-1517 (LRM utilizes elevated privileges. An unauthenticated malicious actor c ...)
NOT-FOR-US: LRM
CVE-2022-1516 (A NULL pointer dereference flaw was found in the Linux kernel’s ...)
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.17.3-1 (unimportant)
NOTE: Fixed by: https://git.kernel.org/linus/7781607938c8371d4c2b243527430241c62e39c2 (5.18-rc1)
NOTE: CONFIG_X25 is not set in Debian
@@ -15188,7 +15261,7 @@ CVE-2022-1354
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/319
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798
CVE-2022-1353 (A vulnerability was found in the pfkey_register function in net/key/af ...)
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.17.3-1
NOTE: https://git.kernel.org/linus/9a564bccb78a76740ea9d75a259942df8143d02c (5.17)
CVE-2022-1352 (Due to an insecure direct object reference vulnerability in Gitlab EE/ ...)
@@ -17121,7 +17194,7 @@ CVE-2022-28607
RESERVED
CVE-2022-28606 (An arbitrary file upload vulnerability exists in Wenzhou Huoyin Inform ...)
NOT-FOR-US: BossCMS
-CVE-2022-28605 (LinkPlay Sound Bar v1.0 allows attackers to escalate privileges via a ...)
+CVE-2022-28605 (Hardcoded admin token in SoundBar apps in Linkplay SDK 1.00 allows rem ...)
NOT-FOR-US: LinkPlay Sound Bar
CVE-2022-28604
RESERVED
@@ -17552,7 +17625,8 @@ CVE-2022-28398
RESERVED
CVE-2022-28397 (** DISPUTED ** An arbitrary file upload vulnerability in the file uplo ...)
NOT-FOR-US: Ghost CMS
-CVE-2022-28396 (Apostrophe v3.16.1 was discovered to contain a remote code execution ( ...)
+CVE-2022-28396
+ REJECTED
NOT-FOR-US: Apostrophe CMS
CVE-2022-28395
RESERVED
@@ -17569,7 +17643,7 @@ CVE-2022-28391 (BusyBox through 1.35.0 allows remote attackers to execute arbitr
[stretch] - busybox <no-dsa> (Minor issue)
NOTE: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
CVE-2022-28390 (ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kerne ...)
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.17.3-1
NOTE: https://git.kernel.org/linus/c70222752228a62135cee3409dccefd494a24646 (5.18-rc1)
CVE-2022-28389 (mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux ker ...)
@@ -17675,7 +17749,7 @@ CVE-2022-28358
CVE-2022-28357
RESERVED
CVE-2022-28356 (In the Linux kernel before 5.17.1, a refcount leak bug was found in ne ...)
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.16.18-1
NOTE: https://git.kernel.org/linus/764f4eb6846f5475f1244767d24d25dd86528a4a
NOTE: https://www.openwall.com/lists/oss-security/2022/04/06/1
@@ -17943,13 +18017,13 @@ CVE-2022-28281
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/#CVE-2022-28281
CVE-2022-1199
RESERVED
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.16.18-1
[buster] - linux 4.19.235-1
NOTE: https://www.openwall.com/lists/oss-security/2022/04/02/5
CVE-2022-1198
RESERVED
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.16.18-1
NOTE: https://www.openwall.com/lists/oss-security/2022/04/02/3
CVE-2022-1197
@@ -21068,7 +21142,7 @@ CVE-2022-1017
RESERVED
CVE-2022-1016
RESERVED
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.16.18-1
NOTE: https://www.openwall.com/lists/oss-security/2022/03/28/5
NOTE: Fixed by: https://git.kernel.org/linus/4c905f6740a365464e91467aa50916555b28213d
@@ -21087,10 +21161,11 @@ CVE-2022-1013 (The Personal Dictionary WordPress plugin before 1.3.4 fails to pr
NOT-FOR-US: WordPress plugin
CVE-2022-1012
RESERVED
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.17.11-1
NOTE: https://git.kernel.org/linus/b2d057560b8107c633b39aabe517ff9d93f285e3 (5.18-rc6)
CVE-2022-1011 (A use-after-free flaw was found in the Linux kernel’s FUSE files ...)
+ {DLA-3065-1}
- linux 5.16.18-1
[bullseye] - linux 5.10.106-1
NOTE: https://git.kernel.org/linus/0c4bcfdecb1ac0967619ee7ff44871d93c08c909 (5.17-rc8)
@@ -21161,6 +21236,7 @@ CVE-2022-27225 (Gradle Enterprise before 2021.4.3 relies on cleartext data trans
CVE-2022-27224 (An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6 ...)
NOT-FOR-US: Galleon NTS-6002-GPS
CVE-2022-27223 (In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16 ...)
+ {DLA-3065-1}
- linux 5.16.12-1
[bullseye] - linux 5.10.103-1
[buster] - linux 4.19.232-1
@@ -21955,6 +22031,7 @@ CVE-2022-26967 (GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode
NOTE: https://github.com/gpac/gpac/issues/2138
NOTE: https://github.com/gpac/gpac/commit/ea1eca00fd92fa17f0e25ac25652622924a9a6a0
CVE-2022-26966 (An issue was discovered in the Linux kernel before 5.16.12. drivers/ne ...)
+ {DLA-3065-1}
- linux 5.16.12-1
[bullseye] - linux 5.10.103-1
[buster] - linux 4.19.232-1
@@ -23183,7 +23260,7 @@ CVE-2020-36517 (An information leak in Nabu Casa Home Assistant Operating System
CVE-2022-0868 (Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10. ...)
NOT-FOR-US: Node urijs
CVE-2022-26490 (st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in t ...)
- {DSA-5127-1}
+ {DSA-5127-1 DLA-3065-1}
- linux 5.16.18-1
NOTE: https://git.kernel.org/linus/4fbcc1a4cb20fe26ad0225679c536c80f1648221 (5.17-rc1)
CVE-2022-26486
@@ -23395,7 +23472,7 @@ CVE-2022-0856 (libcaca is affected by a Divide By Zero issue via img2txt, which
CVE-2022-0855 (Improper Resolution of Path Equivalence in GitHub repository microwebe ...)
NOT-FOR-US: microweber (whmcs_plugin)
CVE-2022-0854 (A memory leak flaw was found in the Linux kernel’s DMA subsystem ...)
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.17.3-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058395
NOTE: https://git.kernel.org/linus/ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e (5.17-rc6)
@@ -24133,6 +24210,7 @@ CVE-2022-26057 (Vulnerabilities in the Mint WorkBench allow a low privileged att
NOT-FOR-US: Mind Workbench
CVE-2022-0812 [NFS over RDMA random memory leakage]
RESERVED
+ {DLA-3065-1}
- linux 5.7.10-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058955
NOTE: https://git.kernel.org/linus/912288442cb2f431bf3c8cb097a5de83bc6dbac1 (5.8-rc6)
@@ -27603,6 +27681,7 @@ CVE-2022-24959 (An issue was discovered in the Linux kernel before 5.16.5. There
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://git.kernel.org/linus/29eb31542787e1019208a2e1047bb7c76c069536 (5.17-rc2)
CVE-2022-24958 (drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 m ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
@@ -29263,7 +29342,7 @@ CVE-2022-0496
CVE-2022-0495
RESERVED
CVE-2022-0494 (A kernel information leak flaw was identified in the scsi_ioctl functi ...)
- {DSA-5161-1}
+ {DSA-5161-1 DLA-3065-1}
- linux 5.16.14-1
NOTE: https://git.kernel.org/linus/cc8f7fe1f5eab010191aa4570f27641876fa1267 (5.17-rc5)
CVE-2022-0493 (The String locator WordPress plugin before 2.5.0 does not properly val ...)
@@ -31010,6 +31089,7 @@ CVE-2022-23962
CVE-2022-23961
RESERVED
CVE-2022-23960 (Certain Arm Cortex and Neoverse processors through 2022-03-08 do not p ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
@@ -34459,35 +34539,42 @@ CVE-2022-23044
CVE-2022-23043 (Zenario CMS 9.2 allows an authenticated admin user to bypass the file ...)
NOT-FOR-US: Zenario CMS
CVE-2022-23042 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
NOTE: https://xenbits.xen.org/xsa/advisory-396.html
CVE-2022-23041 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
NOTE: https://xenbits.xen.org/xsa/advisory-396.html
CVE-2022-23040 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
NOTE: https://xenbits.xen.org/xsa/advisory-396.html
CVE-2022-23039 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
NOTE: https://xenbits.xen.org/xsa/advisory-396.html
CVE-2022-23038 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
NOTE: https://xenbits.xen.org/xsa/advisory-396.html
CVE-2022-23037 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
NOTE: https://xenbits.xen.org/xsa/advisory-396.html
CVE-2022-23036 (Linux PV device frontends vulnerable to attacks by backends T[his CNA ...)
+ {DLA-3065-1}
- linux 5.16.14-1
[bullseye] - linux 5.10.106-1
[buster] - linux 4.19.235-1
@@ -36598,12 +36685,12 @@ CVE-2022-22498
RESERVED
CVE-2022-22497 (IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due ...)
NOT-FOR-US: IBM
-CVE-2022-22496
- RESERVED
+CVE-2022-22496 (While a user account for the IBM Spectrum Protect Server 8.1.0.000 thr ...)
+ TODO: check
CVE-2022-22495 (IBM i 7.3, 7.4, and 7.5 is vulnerable to SQL injection. A remote attac ...)
NOT-FOR-US: IBM
-CVE-2022-22494
- RESERVED
+CVE-2022-22494 (IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could ...)
+ TODO: check
CVE-2022-22493
RESERVED
CVE-2022-22492
@@ -36616,8 +36703,8 @@ CVE-2022-22489
RESERVED
CVE-2022-22488
RESERVED
-CVE-2022-22487
- RESERVED
+CVE-2022-22487 (An IBM Spectrum Protect storage agent could allow a remote attacker to ...)
+ TODO: check
CVE-2022-22486
RESERVED
CVE-2022-22485 (In some cases, an unsuccessful attempt to log into IBM Spectrum Protec ...)
@@ -36634,20 +36721,20 @@ CVE-2022-22480
RESERVED
CVE-2022-22479 (IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerabl ...)
NOT-FOR-US: IBM
-CVE-2022-22478
- RESERVED
+CVE-2022-22478 (IBM Spectrum Protect Client 8.1.0.0 through 8.1.14.0 stores user crede ...)
+ TODO: check
CVE-2022-22477
RESERVED
CVE-2022-22476
RESERVED
CVE-2022-22475 (IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 thr ...)
NOT-FOR-US: IBM
-CVE-2022-22474
- RESERVED
+CVE-2022-22474 (IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsv ...)
+ TODO: check
CVE-2022-22473
RESERVED
-CVE-2022-22472
- RESERVED
+CVE-2022-22472 (IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through ...)
+ TODO: check
CVE-2022-22471
RESERVED
CVE-2022-22470
@@ -39546,6 +39633,7 @@ CVE-2021-4150 (A use-after-free flaw was found in the add_partition in block/par
- linux <not-affected> (Vulnerability introduced and fixed in experimental)
NOTE: https://git.kernel.org/linus/9fbfabfda25d8774c5a08634fdd2da000a924890 (5.15-rc7)
CVE-2021-4149 (A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tre ...)
+ {DLA-3065-1}
- linux 5.14.16-1
[buster] - linux 4.19.235-1
NOTE: https://git.kernel.org/linus/19ea40dddf1833db868533958ca066f368862211 (5.15-rc6)
@@ -46762,6 +46850,7 @@ CVE-2022-21180 (Improper input validation for some Intel(R) Processors may allow
NOT-FOR-US: Intel
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html
CVE-2022-21166 (Incomplete cleanup in specific special register write operations for s ...)
+ {DLA-3065-1}
- intel-microcode 3.20220510.1
- linux 5.18.5-1
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
@@ -46774,6 +46863,7 @@ CVE-2022-21127 (Incomplete cleanup in specific special register read operations
NOTE: https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/processor-mmio-stale-data-vulnerabilities.html#SRBDS-Update
NOTE: https://xenbits.xen.org/xsa/advisory-404.html
CVE-2022-21125 (Incomplete cleanup of microarchitectural fill buffers on some Intel(R) ...)
+ {DLA-3065-1}
- intel-microcode 3.20220510.1
- linux 5.18.5-1
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
@@ -46781,6 +46871,7 @@ CVE-2022-21125 (Incomplete cleanup of microarchitectural fill buffers on some In
NOTE: Linux kernel documentation patch: https://git.kernel.org/linus/4419470191386456e0b8ed4eb06a70b0021798a6
NOTE: NOTE: https://xenbits.xen.org/xsa/advisory-404.html
CVE-2022-21123 (Incomplete cleanup of multi-core shared buffers for some Intel(R) Proc ...)
+ {DLA-3065-1}
- intel-microcode 3.20220510.1
- linux 5.18.5-1
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html
@@ -54490,8 +54581,8 @@ CVE-2021-41508
RESERVED
CVE-2021-41507
RESERVED
-CVE-2021-41506
- RESERVED
+CVE-2021-41506 (Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2 ...)
+ TODO: check
CVE-2021-41505
RESERVED
CVE-2021-41504 (** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in ...)
@@ -56617,8 +56708,8 @@ CVE-2021-40665
RESERVED
CVE-2021-40664
RESERVED
-CVE-2021-40663
- RESERVED
+CVE-2021-40663 (deep.assign npm package 0.0.0-alpha.0 is vulnerable to Improperly Cont ...)
+ TODO: check
CVE-2021-40662 (A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows atta ...)
NOT-FOR-US: Chamilo LMS
CVE-2021-40661
@@ -56663,8 +56754,8 @@ CVE-2021-40645 (An SQL Injection vulnerability exists in glorylion JFinalOA as o
NOT-FOR-US: glorylion JFinalQA
CVE-2021-40644 (An SQL Injection vulnerability exists in oasys oa_system as of 9/7/202 ...)
NOT-FOR-US: oasys Office Automation system
-CVE-2021-40643
- RESERVED
+CVE-2021-40643 (EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerabil ...)
+ TODO: check
CVE-2021-40642 (Textpattern CMS v4.8.7 and older vulnerability exists through Sensitiv ...)
TODO: check
CVE-2021-40641
@@ -58969,7 +59060,7 @@ CVE-2021-39714 (In ion_buffer_kmap_get of ion.c, there is a possible use-after-f
- linux 4.12.6-1
NOTE: https://source.android.com/security/bulletin/pixel/2022-03-01
CVE-2021-39713 (Product: AndroidVersions: Android kernelAndroid ID: A-173788806Referen ...)
- {DSA-5096-1 DLA-2941-1}
+ {DSA-5096-1 DLA-3065-1 DLA-2941-1}
- linux 5.2.6-1
NOTE: https://source.android.com/security/bulletin/pixel/2022-03-01
CVE-2021-39712 (In TBD of TBD, there is a possible user after free vulnerability due t ...)
@@ -60920,8 +61011,8 @@ CVE-2021-38956 (IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 could disclos
NOT-FOR-US: IBM
CVE-2021-38955 (IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elev ...)
NOT-FOR-US: IBM
-CVE-2021-38954
- RESERVED
+CVE-2021-38954 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 a ...)
+ TODO: check
CVE-2021-38953
RESERVED
CVE-2021-38952 (IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scr ...)
@@ -60946,8 +61037,8 @@ CVE-2021-38943
RESERVED
CVE-2021-38942
RESERVED
-CVE-2021-38941
- RESERVED
+CVE-2021-38941 (IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few container ...)
+ TODO: check
CVE-2021-38940
RESERVED
CVE-2021-38939 (IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive informa ...)
@@ -64032,8 +64123,8 @@ CVE-2021-37793
RESERVED
CVE-2021-37792
RESERVED
-CVE-2021-37791
- RESERVED
+CVE-2021-37791 (MyAdmin v1.0 is affected by an incorrect access control vulnerability ...)
+ TODO: check
CVE-2021-37790
RESERVED
CVE-2021-37789
@@ -64058,8 +64149,8 @@ CVE-2021-37780
RESERVED
CVE-2021-37779
RESERVED
-CVE-2021-37778
- RESERVED
+CVE-2021-37778 (There is a buffer overflow in gps-sdr-sim v1.0 when parsing long comma ...)
+ TODO: check
CVE-2021-37777 (Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR ...)
NOT-FOR-US: Gila CMS
CVE-2021-37776
@@ -64074,8 +64165,8 @@ CVE-2021-37772
RESERVED
CVE-2021-37771
RESERVED
-CVE-2021-37770
- RESERVED
+CVE-2021-37770 (Nucleus CMS v3.71 is affected by a file upload vulnerability. In this ...)
+ TODO: check
CVE-2021-37769
RESERVED
CVE-2021-37768
@@ -187769,6 +187860,7 @@ CVE-2020-1714 (A flaw was found in Keycloak before version 11.0.0, where the cod
CVE-2020-1713
RESERVED
CVE-2020-1712 (A heap use-after-free vulnerability was found in systemd before versio ...)
+ {DLA-3063-1}
- systemd 244.2-1 (bug #950732)
[buster] - systemd 241-7~deb10u4
[jessie] - systemd <not-affected> (Vulnerable code introduced later)
@@ -299551,6 +299643,7 @@ CVE-2018-1109 (A vulnerability was found in Braces versions prior to 2.3.1. Affe
NOTE: Fixed by: https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451 (2.3.1)
NOTE: Cf. analysis in https://bugs.debian.org/927716#38
CVE-2018-1108 (kernel drivers before version 4.17-rc1 are vulnerable to a weakness in ...)
+ {DLA-3065-1}
- linux 4.16.5-1
[jessie] - linux <not-affected> (Vulnerable code not present)
[wheezy] - linux <not-affected> (Vulnerable code not present)
@@ -442817,7 +442910,7 @@ CVE-2013-4310 (Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to b
- libstruts1.2-java <not-affected> (Affects Struts 2.0.0 - Struts 2.3.15.1)
NOTE: http://struts.apache.org/release/2.3.x/docs/s2-018.html
CVE-2013-4309
- RESERVED
+ REJECTED
CVE-2013-4308 (Cross-site scripting (XSS) vulnerability in pages/TalkpageHistoryView. ...)
NOT-FOR-US: Mediawiki LiquidThreads extension
CVE-2013-4307 (Multiple cross-site scripting (XSS) vulnerabilities in repo/includes/E ...)
@@ -443257,8 +443350,8 @@ CVE-2013-4172 (The Red Hat CloudForms Management Engine 5.1 allow remote adminis
NOT-FOR-US: RedHat CloudForms Management Engine
CVE-2013-4171 (Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller b ...)
NOT-FOR-US: Apache Roller
-CVE-2013-4170
- RESERVED
+CVE-2013-4170 (In general, Ember.js escapes or strips any user-supplied content befor ...)
+ TODO: check
CVE-2013-4169 (GNOME Display Manager (gdm) before 2.21.1 allows local users to change ...)
- gdm <removed> (unimportant)
- gdm3 <not-affected> (Only affected older gdm < 2.21.1)
@@ -443365,11 +443458,11 @@ CVE-2013-4147 (Multiple format string vulnerabilities in Yet Another Radius Daem
[squeeze] - yardradius <no-dsa> (Minor issue)
[wheezy] - yardradius <no-dsa> (Minor issue)
CVE-2013-4146
- RESERVED
+ REJECTED
CVE-2013-4145
REJECTED
-CVE-2013-4144
- RESERVED
+CVE-2013-4144 (There is an object injection vulnerability in swfupload plugin for wor ...)
+ TODO: check
CVE-2013-4143 (The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockm ...)
- xlockmore <removed>
NOTE: http://openwall.com/lists/oss-security/2013/07/16/8
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cd025d76ec3269bc8bb6a8c7237a3e7153593b4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cd025d76ec3269bc8bb6a8c7237a3e7153593b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220630/76f3feaf/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list