[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue May 24 16:21:20 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
470058db by Moritz Muehlenhoff at 2022-05-24T17:21:08+02:00
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,4 @@
+
 CVE-2022-31598
 	RESERVED
 CVE-2022-31597
@@ -7052,17 +7053,20 @@ CVE-2022-29025
 CVE-2022-29024
 	RESERVED
 CVE-2022-29023 (A buffer overflow in the razermouse driver of OpenRazer v3.3.0 and bel ...)
-	- openrazer 3.3.0+dfsg-1
+	- openrazer 3.3.0+dfsg-1 (unimportant)
 	NOTE: https://github.com/openrazer/openrazer/pull/1790
 	NOTE: https://github.com/openrazer/openrazer/commit/7e8a04feb378a679f1bcdcae079a5100cc45663b (v3.3.0)
+	NOTE: Negligible security impact
 CVE-2022-29022 (A buffer overflow in the razeraccessory driver of OpenRazer v3.3.0 and ...)
-	- openrazer 3.3.0+dfsg-1
+	- openrazer 3.3.0+dfsg-1 (unimportant)
 	NOTE: https://github.com/openrazer/openrazer/pull/1790
 	NOTE: https://github.com/openrazer/openrazer/commit/7e8a04feb378a679f1bcdcae079a5100cc45663b (v3.3.0)
+	NOTE: Negligible security impact
 CVE-2022-29021 (A buffer overflow in the razerkbd driver of OpenRazer v3.3.0 and below ...)
-	- openrazer 3.3.0+dfsg-1
+	- openrazer 3.3.0+dfsg-1 (unimportant)
 	NOTE: https://github.com/openrazer/openrazer/pull/1790
 	NOTE: https://github.com/openrazer/openrazer/commit/7e8a04feb378a679f1bcdcae079a5100cc45663b (v3.3.0)
+	NOTE: Negligible security impact
 CVE-2022-29020 (ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS ...)
 	NOT-FOR-US: ForestBlog
 CVE-2022-29019
@@ -33471,6 +33475,7 @@ CVE-2021-44550 (An Incorrect Access Control vulnerability exists in CoreNLP 4.3.
 	NOT-FOR-US: CoreNLP
 CVE-2021-4070 (Off-by-one Error in GitHub repository v2fly/v2ray-core prior to 4.44.0 ...)
 	- golang-v2ray-core 4.34.0-7 (bug #1010377)
+	[bullseye] - golang-v2ray-core <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/8da19456-4d89-41ef-9781-a41efd6a1877/
 	NOTE: https://github.com/v2fly/v2ray-core/commit/c1af2bfd7aa59a4482aa7f6ec4b9208c1d350b5c
 CVE-2021-44549 (Apache Sling Commons Messaging Mail provides a simple layer on top of  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/470058db03eceb200dbae9656629813a5590daf3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/470058db03eceb200dbae9656629813a5590daf3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220524/16232873/attachment.htm>

More information about the debian-security-tracker-commits mailing list