[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6fa7cda by security tracker role at 2022-05-23T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2022-30549
+	RESERVED
+CVE-2022-29524
+	RESERVED
+CVE-2022-29506
+	RESERVED
 CVE-2022-1813 (OS Command Injection in GitHub repository yogeshojha/rengine prior to  ...)
 	TODO: check
 CVE-2022-1812
@@ -2437,6 +2443,7 @@ CVE-2022-1621 (Heap buffer overflow in vim_strncpy find_word in GitHub repositor
 	NOTE: https://huntr.dev/bounties/520ce714-bfd2-4646-9458-f52cd22bb2fb
 	NOTE: https://github.com/vim/vim/commit/7c824682d2028432ee082703ef0ab399867a089b (v8.2.4919)
 CVE-2018-25033 (ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_ ...)
+	{DLA-3019-1}
 	- admesh 0.98.4-2 (bug #1010770)
 	[bullseye] - admesh <no-dsa> (Minor issue; can be fixed via point release)
 	[buster] - admesh <no-dsa> (Minor issue; can be fixed via point release)
@@ -3547,7 +3554,7 @@ CVE-2022-29918
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29918
 CVE-2022-29917
 	RESERVED
-	{DSA-5141-1 DSA-5129-1 DLA-2994-1}
+	{DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
 	- firefox 100.0-1
 	- firefox-esr 91.9.0esr-1
 	- thunderbird 1:91.9.0-1
@@ -3556,7 +3563,7 @@ CVE-2022-29917
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29917
 CVE-2022-29916
 	RESERVED
-	{DSA-5141-1 DSA-5129-1 DLA-2994-1}
+	{DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
 	- firefox 100.0-1
 	- firefox-esr 91.9.0esr-1
 	- thunderbird 1:91.9.0-1
@@ -3569,7 +3576,7 @@ CVE-2022-29915
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29915
 CVE-2022-29914
 	RESERVED
-	{DSA-5141-1 DSA-5129-1 DLA-2994-1}
+	{DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
 	- firefox 100.0-1
 	- firefox-esr 91.9.0esr-1
 	- thunderbird 1:91.9.0-1
@@ -3578,12 +3585,12 @@ CVE-2022-29914
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29914
 CVE-2022-29913
 	RESERVED
-	{DSA-5141-1}
+	{DSA-5141-1 DLA-3020-1}
 	- thunderbird 1:91.9.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29913
 CVE-2022-29912
 	RESERVED
-	{DSA-5141-1 DSA-5129-1 DLA-2994-1}
+	{DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
 	- firefox 100.0-1
 	- firefox-esr 91.9.0esr-1
 	- thunderbird 1:91.9.0-1
@@ -3592,7 +3599,7 @@ CVE-2022-29912
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-29912
 CVE-2022-29911
 	RESERVED
-	{DSA-5141-1 DSA-5129-1 DLA-2994-1}
+	{DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
 	- firefox 100.0-1
 	- firefox-esr 91.9.0esr-1
 	- thunderbird 1:91.9.0-1
@@ -3605,7 +3612,7 @@ CVE-2022-29910
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/#CVE-2022-29910
 CVE-2022-29909
 	RESERVED
-	{DSA-5141-1 DSA-5129-1 DLA-2994-1}
+	{DSA-5141-1 DSA-5129-1 DLA-3020-1 DLA-2994-1}
 	- firefox 100.0-1
 	- firefox-esr 91.9.0esr-1
 	- thunderbird 1:91.9.0-1
@@ -3767,7 +3774,7 @@ CVE-2022-1521
 	RESERVED
 CVE-2022-1520
 	RESERVED
-	{DSA-5141-1}
+	{DSA-5141-1 DLA-3020-1}
 	- thunderbird 1:91.9.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-18/#CVE-2022-1520
 CVE-2022-1519
@@ -17309,8 +17316,8 @@ CVE-2021-45721
 	RESERVED
 CVE-2021-45074 (JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken A ...)
 	NOT-FOR-US: JFrog Artifactory
-CVE-2021-41834
-	RESERVED
+CVE-2021-41834 (JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable t ...)
+	TODO: check
 CVE-2021-23163
 	RESERVED
 CVE-2022-25146 (The Remote App module in Liferay Portal through v7.4.3.8 and Liferay D ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fa7cda3b5459290f3ce71478193926953aa895

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6fa7cda3b5459290f3ce71478193926953aa895
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220523/197c8293/attachment.htm>