[Git][security-tracker-team/security-tracker][master] Add CVE-2022-1348/logrotate
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 25 20:45:56 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d34db2af by Salvatore Bonaccorso at 2022-05-25T21:45:15+02:00
Add CVE-2022-1348/logrotate
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6557,8 +6557,18 @@ CVE-2022-1350 (A vulnerability classified as problematic was found in GhostPCL 9
NOTE: Upstream report is as per 2022-04-15 not yet public
CVE-2022-1349 (The WPQA Builder Plugin WordPress plugin before 5.2, used as a compani ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-1348
- RESERVED
+CVE-2022-1348 [potential DoS from unprivileged users via the state file]
+ RESERVED
+ - logrotate <unfixed>
+ [buster] - logrotate <not-affected> (Vulnerable code introduced later)
+ [stretch] - logrotate <not-affected> (Vulnerable code introduced later)
+ NOTE: https://www.openwall.com/lists/oss-security/2022/05/25/3
+ NOTE: Introduced by: https://github.com/logrotate/logrotate/commit/f46d0bdfc9c53515c13880c501f4d2e1e7dd8b25 (3.17.0)
+ NOTE: https://github.com/logrotate/logrotate/pull/446
+ NOTE: Fixed by: https://github.com/logrotate/logrotate/commit/1f76a381e2caa0603ae3dbc51ed0f1aa0d6658b9 (3.20.0)
+ NOTE: Fixed by: https://github.com/logrotate/logrotate/commit/addbd293242b0b78aa54f054e6c1d249451f137d (3.20.1)
+ NOTE: Packages are built with --with-state-file-path=/var/lib/logrotate/status
+ NOTE: but /var/lib/logrotate has 0755 permissions, allowing a user to aquire a lock on the file.
CVE-2022-1347 (Stored XSS in the "Username" & "Email" input fields leads to accou ...)
NOT-FOR-US: organizr
CVE-2022-1346 (Multiple Stored XSS in GitHub repository causefx/organizr prior to 2.1 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d34db2afd8fbe260dd76ded2f841dc94d2e2143a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d34db2afd8fbe260dd76ded2f841dc94d2e2143a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220525/b4a8fe63/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list