[Git][security-tracker-team/security-tracker][master] 3 commits: lts: add kicad

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Wed Mar 9 09:17:04 GMT 2022 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3565368e by Emilio Pozuelo Monfort at 2022-03-09T10:07:46+01:00
lts: add kicad

- - - - -
5a456bd7 by Emilio Pozuelo Monfort at 2022-03-09T10:07:48+01:00
lts: CVE-2021-35452/libde265 postponed on stretch

- - - - -
4bd85cd0 by Emilio Pozuelo Monfort at 2022-03-09T10:07:49+01:00
Mark CVE-2022-0856/libcaca as unimportant

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -834,8 +834,9 @@ CVE-2022-0858
 CVE-2022-0857
 	RESERVED
 CVE-2022-0856 (libcaca is affected by a Divide By Zero issue via img2txt, which allow ...)
-	- libcaca <unfixed>
+	- libcaca <unfixed> (unimportant)
 	NOTE: https://github.com/cacalabs/libcaca/issues/65
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-0855 (Improper Resolution of Path Equivalence in GitHub repository microwebe ...)
 	NOT-FOR-US: microweber (whmcs_plugin)
 CVE-2022-0854
@@ -45602,6 +45603,7 @@ CVE-2021-35453
 	RESERVED
 CVE-2021-35452 (An Incorrect Access Control vulnerability exists in libde265 v1.0.8 du ...)
 	- libde265 <unfixed>
+	[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://github.com/strukturag/libde265/issues/298
 CVE-2021-35451 (In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenti ...)
 	NOT-FOR-US: Teradici PCoIP Management Console-Enterprise


=====================================
data/dla-needed.txt
=====================================
@@ -53,6 +53,8 @@ intel-microcode
 kcron (Anton)
   NOTE: 20220227: please check, whether the CVE is applicable (Anton)
 --
+kicad
+--
 libarchive (Thorsten Alteholz)
   NOTE: 20220225: fix seems to be incomplete
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/db00df26ce90b1cce22e0e1ee15c60af93963364...4bd85cd08330f99ecd30ad2e410cb5d10f9fac20

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/db00df26ce90b1cce22e0e1ee15c60af93963364...4bd85cd08330f99ecd30ad2e410cb5d10f9fac20
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220309/4e8bf2ca/attachment.htm>

More information about the debian-security-tracker-commits mailing list