[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu May 26 23:41:33 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84d2c879 by Moritz Muehlenhoff at 2022-05-27T00:41:10+02:00
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -293,11 +293,10 @@ CVE-2022-31619
 CVE-2022-1887
 	RESERVED
 CVE-2022-1886 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
-	- vim <unfixed>
-	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
+	- vim <unfixed> (unimportant)
 	NOTE: https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a
 	NOTE: https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7 (v8.2.5016)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-1885
 	RESERVED
 CVE-2022-1884
@@ -13610,6 +13609,8 @@ CVE-2022-26968
 	RESERVED
 CVE-2022-26967 (GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It c ...)
 	- gpac <unfixed> (bug #1007224)
+	[bullseye] - gpac <no-dsa> (Minor issue)
+	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2138
 	NOTE: https://github.com/gpac/gpac/commit/ea1eca00fd92fa17f0e25ac25652622924a9a6a0
@@ -25452,6 +25453,8 @@ CVE-2022-0218 (The WP HTML Mail WordPress plugin is vulnerable to unauthorized a
 CVE-2022-0216
 	RESERVED
 	- qemu <unfixed>
+	[bullseye] - qemu <no-dsa> (Minor issue)
+	[buster] - qemu <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2036953
 	NOTE: https://starlabs.sg/advisories/22-0216
 	NOTE: https://gitlab.com/qemu-project/qemu/-/issues/972
@@ -159323,6 +159326,8 @@ CVE-2020-8860 (This vulnerability allows remote attackers to execute arbitrary c
 CVE-2020-8859 (This vulnerability allows remote attackers to create a denial-of-servi ...)
 	{DLA-3014-1}
 	- elog <removed>
+	[bullseye] - elog <ignored> (Minor issue)
+	[buster] - elog <ignored> (Minor issue)
 	NOTE: https://elog.psi.ch/elogs/Forum/69114
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-252/
 	NOTE: https://bitbucket.org/ritt/elog/commits/033e292301fa569738b20768b8d1f1d7d0bc1ca7



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84d2c8799b55ec27c1facad007ec940b85875c73

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84d2c8799b55ec27c1facad007ec940b85875c73
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220526/21658f2a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list