[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue May 10 09:21:38 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b43eafdd by Moritz Muehlenhoff at 2022-05-10T10:21:10+02:00
buster/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -456,6 +456,8 @@ CVE-2022-30334 (Brave before 1.34, when a Private Window with Tor Connectivity i
 	TODO: check
 CVE-2022-30333 (RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal  ...)
 	- unrar-nonfree <unfixed>
+	[bullseye] - unrar-nonfree <no-dsa> (Non-free not supported)
+	[buster] - unrar-nonfree <no-dsa> (Non-free not supported)
 	TODO: check details, 6.1.1 -> 6.1.2 upstream changes does not seem related
 CVE-2022-30332
 	RESERVED
@@ -86658,6 +86660,8 @@ CVE-2021-23793
 	RESERVED
 CVE-2021-23792 (The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 ar ...)
 	- libtwelvemonkeys-java 3.8.0-1
+	[bullseye] - libtwelvemonkeys-java <no-dsa> (Minor issue)
+	[buster] - libtwelvemonkeys-java <no-dsa> (Minor issue)
 	NOTE: https://snyk.io/vuln/SNYK-JAVA-COMTWELVEMONKEYSIMAGEIO-2316763
 	NOTE: https://github.com/haraldk/TwelveMonkeys/commit/da4efe98bf09e1cce91b7633cb251958a200fc80 (twelvemonkeys-3.8.0)
 CVE-2021-23791


=====================================
data/dsa-needed.txt
=====================================
@@ -16,6 +16,8 @@ asterisk/oldstable
 --
 cacti
 --
+cifs-utils
+--
 condor/oldstable (apo)
 --
 ecdsautils (jmm)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b43eafdd52df278263e5e4eb5068ef1979594dd4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b43eafdd52df278263e5e4eb5068ef1979594dd4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220510/3be0bcef/attachment.htm>

More information about the debian-security-tracker-commits mailing list