[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Mar 27 09:50:27 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eed55818 by Moritz Muehlenhoff at 2022-03-27T10:50:02+02:00
buster/bullseye triage
one lemonldap-ng issue n/a for stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -773,6 +773,8 @@ CVE-2022-1050
 	RESERVED
 CVE-2022-1049 (A flaw was found in the Pacemaker configuration tool (pcs). The pcs da ...)
 	- pcs <unfixed>
+	[bullseye] - pcs <no-dsa> (Minor issue)
+	[buster] - pcs <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5
 	NOTE: https://github.com/ClusterLabs/pcs/commit/fb860005117dc9e092649687dfa1304fb423efc5
 CVE-2022-1048 [race condition in snd_pcm_hw_free leading to use-after-free]
@@ -2995,6 +2997,8 @@ CVE-2022-0898
 	RESERVED
 CVE-2022-0897 (A flaw was found in the libvirt nwfilter driver. The virNWFilterObjLis ...)
 	- libvirt <unfixed>
+	[bullseye] - libvirt <no-dsa> (Minor issue)
+	[buster] - libvirt <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/libvirt/libvirt/-/commit/a4947e8f63c3e6b7b067b444f3d6cf674c0d7f36
 CVE-2022-0896 (Improper Neutralization of Special Elements Used in a Template Engine  ...)
 	NOT-FOR-US: microweber
@@ -35592,7 +35596,7 @@ CVE-2021-40874 [RESTServer pwdConfirm always returns true with Combination + Ker
 	- lemonldap-ng 2.0.14+ds-1 (bug #1005302)
 	[bullseye] - lemonldap-ng 2.0.11+ds-4+deb11u1
 	[buster] - lemonldap-ng 2.0.2+ds-7+deb10u7
-	[stretch] - lemonldap-ng <no-dsa> (Minor issue)
+	[stretch] - lemonldap-ng <not-affected> (Vulnerable code introduced in 2.0)
 	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2612
 	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/66946e8f754812b375768c2124937137c856fe0c
 CVE-2021-40873 (An issue was discovered in Softing Industrial Automation OPC UA C++ SD ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eed55818c5c182b1943d2cf5c8a1a6b97e4c508a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eed55818c5c182b1943d2cf5c8a1a6b97e4c508a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220327/dd5a9420/attachment.htm>

More information about the debian-security-tracker-commits mailing list