[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-21227/node-sqlite3 as no-dsa

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun May 1 20:15:43 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7df0e75 by Salvatore Bonaccorso at 2022-05-01T21:14:48+02:00
Mark CVE-2022-21227/node-sqlite3 as no-dsa

- - - - -
03c0a238 by Salvatore Bonaccorso at 2022-05-01T21:15:17+02:00
Track proposed update for node-sqlite3 via bullseye-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -11367,6 +11367,8 @@ CVE-2022-21230
 CVE-2022-21227 [Denial-of-Service due to fatal error when binding invalid parameters]
 	RESERVED
 	- node-sqlite3 5.0.6+ds1-1
+	[bullseye] - node-sqlite3 <no-dsa> (Minor issue)
+	[buster] - node-sqlite3 <no-dsa> (minor issue)
 	[stretch] - node-sqlite3 <end-of-life> (Nodejs in stretch not covered by security support)
 	NOTE: https://github.com/advisories/GHSA-9qrh-qjmc-5w2p
 	NOTE: Fixed by: https://github.com/TryGhost/node-sqlite3/commit/593c9d498be2510d286349134537e3bf89401c4a (v5.0.3)


=====================================
data/next-point-update.txt
=====================================
@@ -56,3 +56,5 @@ CVE-2022-27404
 	[bullseye] - freetype 2.10.4+dfsg-1+deb11u1
 CVE-2022-29078
 	[bullseye] - node-ejs 2.5.7-3+deb11u1
+CVE-2022-21227
+	[bullseye] - node-sqlite3 5.0.0+ds1-1+deb11u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d1cf75d0115c1a9925e94161897d0fc4fcc8c5df...03c0a2384a8e95aa2904d77ff8888e737642285d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d1cf75d0115c1a9925e94161897d0fc4fcc8c5df...03c0a2384a8e95aa2904d77ff8888e737642285d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220501/ae4b1e6c/attachment.htm>

More information about the debian-security-tracker-commits mailing list