[Git][security-tracker-team/security-tracker][master] Add CVE-2022-20001/fish
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 14 21:26:26 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
be86d388 by Salvatore Bonaccorso at 2022-03-14T22:25:58+01:00
Add CVE-2022-20001/fish
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49324,7 +49324,12 @@ CVE-2021-34344 (A stack buffer overflow vulnerability has been reported to affec
CVE-2021-34343 (A stack buffer overflow vulnerability has been reported to affect QNAP ...)
NOT-FOR-US: QNAP
CVE-2022-20001 (fish is a command line shell. fish version 3.1.0 through version 3.3.1 ...)
- TODO: check
+ - fish <unfixed>
+ [buster] - fish <not-affected> (Vulnerable code introduced later)
+ [stretch] - fish <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/fish-shell/fish-shell/security/advisories/GHSA-pj5f-6vxj-f5mq
+ NOTE: https://github.com/fish-shell/fish-shell/pull/8589
+ NOTE: https://github.com/fish-shell/fish-shell/commit/37625053d424c1ab88de2b0c50c7fe71e1468e2c (3.4.0)
CVE-2021-3588 (The cli_feat_read_cb() function in src/gatt-database.c does not perfor ...)
- bluez 5.55-3.1 (bug #989700)
[buster] - bluez <not-affected> (Vulnerable code introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be86d388595dad2800b4d585273b6a5029376e93
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be86d388595dad2800b4d585273b6a5029376e93
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220314/1a85702d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list