[Git][security-tracker-team/security-tracker][master] Add CVE-2022-0778
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Mar 15 16:35:31 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9d63b749 by Salvatore Bonaccorso at 2022-03-15T17:34:51+01:00
Add CVE-2022-0778
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2816,8 +2816,12 @@ CVE-2022-0780
RESERVED
CVE-2022-0779
RESERVED
-CVE-2022-0778
+CVE-2022-0778 [Infinite loop in BN_mod_sqrt() reachable when parsing certificates]
RESERVED
+ - openssl <unfixed>
+ - openssl1.0 <removed>
+ NOTE: https://www.openssl.org/news/secadv/20220315.txt
+ NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 (OpenSSL_1_1_1n)
CVE-2022-0777 (Weak Password Recovery Mechanism for Forgotten Password in GitHub repo ...)
NOT-FOR-US: microweber
CVE-2022-0776 (Cross-site Scripting (XSS) - DOM in GitHub repository hakimel/reveal.j ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d63b7499c516c01a1aa99519b7f3d9a3db74660
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d63b7499c516c01a1aa99519b7f3d9a3db74660
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220315/d286535f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list