[Git][security-tracker-team/security-tracker][master] Add CVE-2022-30295/uclibc
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 7 08:16:46 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21bbb5df by Salvatore Bonaccorso at 2022-05-07T09:16:26+02:00
Add CVE-2022-30295/uclibc
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77,7 +77,10 @@ CVE-2022-1604
CVE-2022-1603
RESERVED
CVE-2022-30295 (uClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable D ...)
- TODO: check
+ - uclibc <unfixed>
+ NOTE: https://www.nozominetworks.com/blog/nozomi-networks-discovers-unpatched-dns-bug-in-popular-c-standard-library-putting-iot-at-risk/
+ NOTE: https://mailman.openadk.org/mailman3/hyperkitty/list/devel@uclibc-ng.org/thread/6JWRW3P4VN54J5FHUDK7IQOU4V35HHDZ/
+ NOTE: src:uclibc switched to the uClibc-ng source codebase with the 1.0.20-1 upload.
CVE-2022-30294 (In WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-fre ...)
TODO: check
CVE-2022-30293 (In WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based bu ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21bbb5df9f3faa62f837f0d02c70e51fe4d6cfd7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21bbb5df9f3faa62f837f0d02c70e51fe4d6cfd7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220507/e70de9d8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list