[Git][security-tracker-team/security-tracker][master] python-cmarkgfm fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Mar 14 16:48:41 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
861b3262 by Moritz Muehlenhoff at 2022-03-14T17:48:21+01:00
python-cmarkgfm fixed in sid
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6284,7 +6284,7 @@ CVE-2022-24725 (Shescape is a shell escape package for JavaScript. An issue in v
 CVE-2022-24724 (cmark-gfm is GitHub's extended version of the C reference implementati ...)
 	- cmark-gfm <unfixed> (bug #1006756)
 	- ghostwriter <unfixed> (bug #1006757)
-	- python-cmarkgfm <unfixed> (bug #1006758)
+	- python-cmarkgfm 0.8.0-1 (bug #1006758)
 	- ruby-commonmarker <unfixed> (bug #1006759)
 	- r-cran-commonmark 1.8.0-1 (bug #1006760)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
@@ -12572,6 +12572,8 @@ CVE-2022-22910
 	RESERVED
 CVE-2022-22909 (HotelDruid v3.0.3 was discovered to contain a remote code execution (R ...)
 	- hoteldruid <unfixed> (bug #1006750)
+	[bullseye] - hoteldruid <no-dsa> (Minor issue)
+	[buster] - hoteldruid <no-dsa> (Minor issue)
 	NOTE: https://github.com/0z09e/CVE-2022-22909
 CVE-2022-22908 (SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, ...)
 	NOT-FOR-US: Sangfor VDI Client
@@ -22226,6 +22228,8 @@ CVE-2022-21717
 CVE-2022-21716 (Twisted is an event-based framework for internet applications, support ...)
 	{DLA-2938-1}
 	- twisted <unfixed>
+	[bullseye] - twisted <no-dsa> (Minor issue)
+	[buster] - twisted <no-dsa> (Minor issue)
 	NOTE: https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx
 	NOTE: https://github.com/twisted/twisted/commit/98387b39e9f0b21462f6abc7a1325dc370fcdeb1
 	NOTE: https://twistedmatrix.com/trac/ticket/10284
@@ -71712,6 +71716,8 @@ CVE-2021-25637
 	RESERVED
 CVE-2021-25636 (LibreOffice supports digital signatures of ODF documents and macros wi ...)
 	- libreoffice 1:7.3.0-1
+	[bullseye] - libreoffice <no-dsa> (Minor issue)
+	[buster] - libreoffice <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2056955
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636
 	NOTE: Fixed by: https://github.com/LibreOffice/core/commit/b0404f80577de9ff69e58390c6f6ef949fdb0139



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/861b32628db7af7b54af47987c3d6028a2e20fef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/861b32628db7af7b54af47987c3d6028a2e20fef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220314/5f9e5a7d/attachment.htm>

More information about the debian-security-tracker-commits mailing list