[Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Mar 14 11:04:29 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2205981b by Moritz Muehlenhoff at 2022-03-14T12:04:15+01:00
buster/bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3409,7 +3409,7 @@ CVE-2022-0742 [ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
- NOTE: https://git.kernel/org/linus/2d3916f3189172d5c69d33065c3c21119fe539fc (5.17-rc7)
+ NOTE: https://git.kernel.org/linus/2d3916f3189172d5c69d33065c3c21119fe539fc (5.17-rc7)
CVE-2022-0741
RESERVED
[experimental] - gitlab 14.6.5+ds1-1
@@ -7713,23 +7713,27 @@ CVE-2022-0436
CVE-2021-46669 (MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_ ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25638
CVE-2021-46668 (MariaDB through 10.5.9 allows an application crash via certain long SE ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25787
NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
CVE-2021-46667 (MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an ...)
- mariadb-10.6 1:10.6.5-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-26350
NOTE: Fixed in MariaDB: 10.2.41, 10.3.32, 10.4.22, 10.5.13, 10.6.5
CVE-2021-46666 (MariaDB before 10.6.2 allows an application crash because of mishandli ...)
- mariadb-10.6 <not-affected> (Fixed before initial upload to Debian)
- mariadb-10.5 1:10.5.11-1
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
[buster] - mariadb-10.3 1:10.3.31-0+deb10u1
NOTE: https://jira.mariadb.org/browse/MDEV-25635
@@ -7737,24 +7741,28 @@ CVE-2021-46666 (MariaDB before 10.6.2 allows an application crash because of mis
CVE-2021-46665 (MariaDB through 10.5.9 allows a sql_parse.cc application crash because ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25636
NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
CVE-2021-46664 (MariaDB through 10.5.9 allows an application crash in sub_select_postj ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25761
NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
CVE-2021-46663 (MariaDB through 10.5.13 allows a ha_maria::extra application crash via ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-26351
NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
CVE-2021-46662 (MariaDB through 10.5.9 allows a set_var.cc application crash via certa ...)
- mariadb-10.6 1:10.6.5-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25637
NOTE: https://jira.mariadb.org/browse/MDEV-22464
@@ -7762,6 +7770,7 @@ CVE-2021-46662 (MariaDB through 10.5.9 allows a set_var.cc application crash via
CVE-2021-46661 (MariaDB through 10.5.9 allows an application crash in find_field_in_ta ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25766
NOTE: Fixed in MariaDB: 10.7.3, 10.6.7, 10.5.15, 10.4.24, 10.3.34, 10.2.43
@@ -8164,12 +8173,14 @@ CVE-2021-46660 (Signiant Manager+Agents before 15.1 allows XML External Entity (
CVE-2021-46659 (MariaDB before 10.7.2 allows an application crash because it does not ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: https://jira.mariadb.org/browse/MDEV-25631
NOTE: Fixed in MariaDB: 10.2.42, 10.3.33, 10.4.23, 10.5.14, 10.6.6, 10.7.2
CVE-2021-46658 (save_window_function_values in MariaDB before 10.6.3 allows an applica ...)
- mariadb-10.6 <not-affected> (Fixed before initial upload to Debian)
- mariadb-10.5 1:10.5.11-1
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
[buster] - mariadb-10.3 1:10.3.31-0+deb10u1
NOTE: https://jira.mariadb.org/browse/MDEV-25630
@@ -8177,6 +8188,7 @@ CVE-2021-46658 (save_window_function_values in MariaDB before 10.6.3 allows an a
CVE-2021-46657 (get_sort_by_table in MariaDB before 10.6.2 allows an application crash ...)
- mariadb-10.6 <not-affected> (Fixed before initial upload to Debian)
- mariadb-10.5 1:10.5.11-1
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
[buster] - mariadb-10.3 1:10.3.31-0+deb10u1
NOTE: https://jira.mariadb.org/browse/MDEV-25629
@@ -8414,12 +8426,14 @@ CVE-2022-24053
CVE-2022-24052 (MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Es ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-366/
CVE-2022-24051 (MariaDB CONNECT Storage Engine Format String Privilege Escalation Vuln ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-318/
@@ -8427,6 +8441,7 @@ CVE-2022-24051 (MariaDB CONNECT Storage Engine Format String Privilege Escalatio
CVE-2022-24050 (MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vul ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-364/
@@ -8435,6 +8450,7 @@ CVE-2022-24049 (This vulnerability allows remote attackers to execute arbitrary
CVE-2022-24048 (MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege E ...)
- mariadb-10.6 1:10.6.7-1
- mariadb-10.5 <removed>
+ [bullseye] - mariadb-10.5 <no-dsa> (Minor issue, will be fixed in next point release)
- mariadb-10.3 <removed>
NOTE: Fixed in MariaDB: 10.6.6, 10.5.14, 10.4.23, 10.3.33, 10.2.42
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-363/
@@ -9579,6 +9595,8 @@ CVE-2022-0340
CVE-2021-4209
RESERVED
- gnutls28 3.7.3-2
+ [bullseye] - gnutls28 <no-dsa> (Minor issue)
+ [buster] - gnutls28 <no-dsa> (Minor issue)
[stretch] - gnutls28 <postponed> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2044156
NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1306
@@ -53988,17 +54006,21 @@ CVE-2021-32437 (The gf_hinter_finalize function in GPAC 1.0.1 allows attackers t
NOTE: https://github.com/gpac/gpac/commit/1653f31cf874eb6df964bea88d58d8e9b98b485e (v2.0.0)
NOTE: https://github.com/gpac/gpac/issues/1770
CVE-2021-32436 (An out-of-bounds read in the function write_title() in subs.c of abcm2 ...)
- - abcm2ps 8.14.13-1
+ - abcm2ps 8.14.13-1 (unimportant)
NOTE: https://github.com/lewdlime/abcm2ps/commit/2f56e1179cab6affeb8afa9d6c324008fe40d8e3 (v8.14.12)
NOTE: https://github.com/lewdlime/abcm2ps/issues/85
+ NOTE: Crash in CLI tool, no security impact
CVE-2021-32435 (Stack-based buffer overflow in the function get_key in parse.c of abcm ...)
- abcm2ps 8.14.13-1
+ [bullseye] - abcm2ps <no-dsa> (Minor issue)
+ [buster] - abcm2ps <no-dsa> (Minor issue)
NOTE: https://github.com/lewdlime/abcm2ps/commit/3169ace6d63f6f517a64e8df0298f44a490c4a15 (v8.14.12)
NOTE: https://github.com/lewdlime/abcm2ps/issues/84
CVE-2021-32434 (abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in th ...)
- - abcm2ps 8.14.13-1
+ - abcm2ps 8.14.13-1 (unimportant)
NOTE: https://github.com/lewdlime/abcm2ps/commit/2f56e1179cab6affeb8afa9d6c324008fe40d8e3 (v8.14.12)
NOTE: https://github.com/lewdlime/abcm2ps/issues/83
+ NOTE: Crash in CLI tool, no security impact
CVE-2021-32433
RESERVED
CVE-2021-32432
@@ -95151,6 +95173,8 @@ CVE-2021-0562 (In RasterIntraUpdate of motion_est.cpp, there is a possible out o
NOT-FOR-US: Android media framework
CVE-2021-0561 (In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a ...)
- flac 1.3.4-1 (bug #1006339)
+ [bullseye] - flac <no-dsa> (Minor issue)
+ [buster] - flac <no-dsa> (Minor issue)
NOTE: https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be (1.3.4)
NOTE: https://xiph.org/flac/changelog.html#flac_1.3.4
NOTE: https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f
@@ -100772,12 +100796,16 @@ CVE-2020-26561 (** UNSUPPORTED WHEN ASSIGNED ** Belkin LINKSYS WRT160NL 1.0.04.0
NOT-FOR-US: Belkin
CVE-2020-26560 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0. ...)
- bluez <unfixed> (bug #1006406)
+ [bullseye] - bluez <no-dsa> (Minor issue)
+ [buster] - bluez <no-dsa> (Minor issue)
[stretch] - bluez <not-affected> (Mesh support introduced later)
NOTE: https://kb.cert.org/vuls/id/799380
NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/impersonation-mesh/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1959994
CVE-2020-26559 (Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0. ...)
- bluez <unfixed> (bug #1006406)
+ [bullseye] - bluez <no-dsa> (Minor issue)
+ [buster] - bluez <no-dsa> (Minor issue)
[stretch] - bluez <not-affected> (Mesh support introduced later)
NOTE: https://kb.cert.org/vuls/id/799380
NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/authvalue-leak/
@@ -100795,12 +100823,16 @@ CVE-2020-26558 (Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specifi
NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
CVE-2020-26557 (Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm ...)
- bluez <unfixed> (bug #1006406)
+ [bullseye] - bluez <no-dsa> (Minor issue)
+ [buster] - bluez <no-dsa> (Minor issue)
[stretch] - bluez <not-affected> (Mesh support introduced later)
NOTE: https://kb.cert.org/vuls/id/799380
NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960009
CVE-2020-26556 (Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may perm ...)
- bluez <unfixed>
+ [bullseye] - bluez <no-dsa> (Minor issue)
+ [buster] - bluez <no-dsa> (Minor issue)
[stretch] - bluez <not-affected> (Mesh support introduced later)
NOTE: https://kb.cert.org/vuls/id/799380
NOTE: https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/
=====================================
data/dsa-needed.txt
=====================================
@@ -37,7 +37,9 @@ rpki-client/stable
--
runc
--
-thundebird (jmm)
+thunderbird (jmm)
+--
+tiff (jmm)
--
trafficserver (jmm)
wait until status for CVE-2021-38161 is clarified (upstream patch got reverted)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2205981bfe41f7e65718594d72a080f4fbeab6f3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2205981bfe41f7e65718594d72a080f4fbeab6f3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220314/de6c5d44/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list