[Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2022-3097{4,5}/mujs

Mon May 23 21:18:35 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18141a62 by Salvatore Bonaccorso at 2022-05-23T22:18:18+02:00
Add upstream commits for CVE-2022-3097{4,5}/mujs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1150,9 +1150,13 @@ CVE-2022-30976 (GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf
 CVE-2022-30975 (In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL p ...)
 	- mujs <unfixed>
 	NOTE: https://github.com/ccxvii/mujs/issues/161
+	NOTE: https://github.com/ccxvii/mujs/commit/910acc807c3c057e1c0726160808f3a9f37b40ec
+	NOTE: https://github.com/ccxvii/mujs/commit/f5b3c703e18725e380b83427004632e744f85a6f
 CVE-2022-30974 (compile in regexp.c in Artifex MuJS through 1.2.0 results in stack con ...)
 	- mujs <unfixed>
 	NOTE: https://github.com/ccxvii/mujs/issues/162
+	NOTE: https://github.com/ccxvii/mujs/commit/160ae29578054dc09fd91e5401ef040d52797e61
+	NOTE: https://github.com/ccxvii/mujs/commit/799b62bf065b006e2bcb1c80044eab2b10412ecf
 CVE-2022-1775 (Weak Password Requirements in GitHub repository polonel/trudesk prior  ...)
 	NOT-FOR-US: Trudesk
 CVE-2022-1774 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18141a62c408498c62381ceb387bb253f3f89c96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18141a62c408498c62381ceb387bb253f3f89c96
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220523/f3d942d0/attachment-0001.htm>
