[Git][security-tracker-team/security-tracker][master] 3 commits: Specify upstream tag for CVE-2022-29221

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d773c20 by Salvatore Bonaccorso at 2022-05-26T15:23:25+02:00
Specify upstream tag for CVE-2022-29221

- - - - -
a5bb7b0d by Salvatore Bonaccorso at 2022-05-26T15:42:56+02:00
Add Debian bug reference for CVE-2022-26691/cups

- - - - -
21e99702 by Salvatore Bonaccorso at 2022-05-26T15:53:04+02:00
Add Debian bug reference for ntfs-3g issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2539,31 +2539,31 @@ CVE-2022-30790
 	RESERVED
 CVE-2022-30789
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/1
 CVE-2022-30788
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/1
 CVE-2022-30787
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/2
 CVE-2022-30786
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/1
 CVE-2022-30785
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/2
 CVE-2022-30784
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/1
 CVE-2022-30783
 	RESERVED
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/2
 CVE-2022-30782 (Openmoney API through 2020-06-29 uses the JavaScript Math.random funct ...)
 	NOT-FOR-US: Openmoney
@@ -4722,7 +4722,7 @@ CVE-2022-29968 (An issue was discovered in the Linux kernel through 5.17.5. io_r
 CVE-2022-1545 (It was possible to disclose details of confidential notes created via  ...)
 	TODO: check
 CVE-2021-46790 (ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow i ...)
-	- ntfs-3g <unfixed>
+	- ntfs-3g <unfixed> (bug #1011770)
 	NOTE: https://github.com/tuxera/ntfs-3g/issues/16
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/26/1
 CVE-2022-1544 (Formula Injection/CSV Injection due to Improper Neutralization of Form ...)
@@ -6994,9 +6994,7 @@ CVE-2022-29221 (Smarty is a template engine for PHP, facilitating the separation
 	- smarty <removed>
 	NOTE: https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c
 	NOTE: https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd (v4.1.1)
-	NOTE: https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345 (support/3.1)
-	NOTE: https://github.com/smarty-php/smarty/releases/tag/v3.1.45
-	NOTE: https://github.com/smarty-php/smarty/releases/tag/v4.1.1
+	NOTE: https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345 (v3.1.45)
 CVE-2022-29220
 	RESERVED
 CVE-2022-29219 (Lodestar is a TypeScript implementation of the Ethereum Consensus spec ...)
@@ -14263,7 +14261,7 @@ CVE-2022-26692
 	RESERVED
 CVE-2022-26691
 	RESERVED
-	- cups <unfixed>
+	- cups <unfixed> (bug #1011769)
 	NOTE: Fixed by: https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 (v2.4.2)
 	NOTE: Followup (fix comment): https://github.com/OpenPrinting/cups/commit/411b6136f450a583ee08c3880fa09dbe837eb3f1
 CVE-2022-26690



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/52ee35b4baf112d84cfe6f67ba5a867c979f96a8...21e99702dbfa1a2d9cb97e11465cd8364fd280b4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/52ee35b4baf112d84cfe6f67ba5a867c979f96a8...21e99702dbfa1a2d9cb97e11465cd8364fd280b4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220526/ba01f023/attachment.htm>