[Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2022-30333 as no-dsa for rar and unrar-nonfree following buster.

Ola Lundqvist (@opal) opal at debian.org
Mon May 16 21:08:23 BST 2022 


Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
585f3dbe by Ola Lundqvist at 2022-05-16T22:08:00+02:00
Marked CVE-2022-30333 as no-dsa for rar and unrar-nonfree following buster.

- - - - -
b57c7034 by Ola Lundqvist at 2022-05-16T22:08:01+02:00
Marked CVE-2022-30292 as no-dsa for squirrel3 following buster.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1429,9 +1429,11 @@ CVE-2022-30333 (RARLAB UnRAR before 6.12 on Linux and UNIX allows directory trav
 	- unrar-nonfree 1:6.1.7-1 (bug #1010837)
 	[bullseye] - unrar-nonfree <no-dsa> (Non-free not supported)
 	[buster] - unrar-nonfree <no-dsa> (Non-free not supported)
+	[stretch] - unrar-nonfree <no-dsa> (Non-free not supported)
 	- rar <unfixed>
 	[bullseye] - rar <no-dsa> (Non-free not supported)
 	[buster] - rar <no-dsa> (Non-free not supported)
+	[stretch] - rar <no-dsa> (Non-free not supported)
 	NOTE: 6.12 application version corresponds to 6.1.7 source version:
 	NOTE: https://github.com/debian-calibre/unrar-nonfree/compare/upstream/6.1.6...upstream/6.1.7
 CVE-2022-30332
@@ -1591,6 +1593,7 @@ CVE-2022-30292 (thread_call in sqbaselib.cpp in SQUIRREL 3.2 lacks a certain sq_
 	- squirrel3 <unfixed>
 	[bullseye] - squirrel3 <no-dsa> (Minor issue)
 	[buster] - squirrel3 <no-dsa> (Minor issue)
+	[stretch] - squirrel3 <no-dsa> (Minor issue)
 	NOTE: https://github.com/albertodemichelis/squirrel/commit/a6413aa690e0bdfef648c68693349a7b878fe60d
 CVE-2022-30291
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b99e36382b07a66ca9043bb09140b1b0ec7632d5...b57c70343cffb95321ca7260065ce12496f0be25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b99e36382b07a66ca9043bb09140b1b0ec7632d5...b57c70343cffb95321ca7260065ce12496f0be25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220516/b385c8cd/attachment.htm>

More information about the debian-security-tracker-commits mailing list