[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 7 08:10:23 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
811cdf0d by security tracker role at 2022-11-07T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,547 @@
+CVE-2022-45043
+ RESERVED
+CVE-2022-45042
+ RESERVED
+CVE-2022-45041
+ RESERVED
+CVE-2022-45040
+ RESERVED
+CVE-2022-45039
+ RESERVED
+CVE-2022-45038
+ RESERVED
+CVE-2022-45037
+ RESERVED
+CVE-2022-45036
+ RESERVED
+CVE-2022-45035
+ RESERVED
+CVE-2022-45034
+ RESERVED
+CVE-2022-45033
+ RESERVED
+CVE-2022-45032
+ RESERVED
+CVE-2022-45031
+ RESERVED
+CVE-2022-45030
+ RESERVED
+CVE-2022-45029
+ RESERVED
+CVE-2022-45028
+ RESERVED
+CVE-2022-45027
+ RESERVED
+CVE-2022-45026
+ RESERVED
+CVE-2022-45025
+ RESERVED
+CVE-2022-45024
+ RESERVED
+CVE-2022-45023
+ RESERVED
+CVE-2022-45022
+ RESERVED
+CVE-2022-45021
+ RESERVED
+CVE-2022-45020
+ RESERVED
+CVE-2022-45019
+ RESERVED
+CVE-2022-45018
+ RESERVED
+CVE-2022-45017
+ RESERVED
+CVE-2022-45016
+ RESERVED
+CVE-2022-45015
+ RESERVED
+CVE-2022-45014
+ RESERVED
+CVE-2022-45013
+ RESERVED
+CVE-2022-45012
+ RESERVED
+CVE-2022-45011
+ RESERVED
+CVE-2022-45010
+ RESERVED
+CVE-2022-45009
+ RESERVED
+CVE-2022-45008
+ RESERVED
+CVE-2022-45007
+ RESERVED
+CVE-2022-45006
+ RESERVED
+CVE-2022-45005
+ RESERVED
+CVE-2022-45004
+ RESERVED
+CVE-2022-45003
+ RESERVED
+CVE-2022-45002
+ RESERVED
+CVE-2022-45001
+ RESERVED
+CVE-2022-45000
+ RESERVED
+CVE-2022-44999
+ RESERVED
+CVE-2022-44998
+ RESERVED
+CVE-2022-44997
+ RESERVED
+CVE-2022-44996
+ RESERVED
+CVE-2022-44995
+ RESERVED
+CVE-2022-44994
+ RESERVED
+CVE-2022-44993
+ RESERVED
+CVE-2022-44992
+ RESERVED
+CVE-2022-44991
+ RESERVED
+CVE-2022-44990
+ RESERVED
+CVE-2022-44989
+ RESERVED
+CVE-2022-44988
+ RESERVED
+CVE-2022-44987
+ RESERVED
+CVE-2022-44986
+ RESERVED
+CVE-2022-44985
+ RESERVED
+CVE-2022-44984
+ RESERVED
+CVE-2022-44983
+ RESERVED
+CVE-2022-44982
+ RESERVED
+CVE-2022-44981
+ RESERVED
+CVE-2022-44980
+ RESERVED
+CVE-2022-44979
+ RESERVED
+CVE-2022-44978
+ RESERVED
+CVE-2022-44977
+ RESERVED
+CVE-2022-44976
+ RESERVED
+CVE-2022-44975
+ RESERVED
+CVE-2022-44974
+ RESERVED
+CVE-2022-44973
+ RESERVED
+CVE-2022-44972
+ RESERVED
+CVE-2022-44971
+ RESERVED
+CVE-2022-44970
+ RESERVED
+CVE-2022-44969
+ RESERVED
+CVE-2022-44968
+ RESERVED
+CVE-2022-44967
+ RESERVED
+CVE-2022-44966
+ RESERVED
+CVE-2022-44965
+ RESERVED
+CVE-2022-44964
+ RESERVED
+CVE-2022-44963
+ RESERVED
+CVE-2022-44962
+ RESERVED
+CVE-2022-44961
+ RESERVED
+CVE-2022-44960
+ RESERVED
+CVE-2022-44959
+ RESERVED
+CVE-2022-44958
+ RESERVED
+CVE-2022-44957
+ RESERVED
+CVE-2022-44956
+ RESERVED
+CVE-2022-44955
+ RESERVED
+CVE-2022-44954
+ RESERVED
+CVE-2022-44953
+ RESERVED
+CVE-2022-44952
+ RESERVED
+CVE-2022-44951
+ RESERVED
+CVE-2022-44950
+ RESERVED
+CVE-2022-44949
+ RESERVED
+CVE-2022-44948
+ RESERVED
+CVE-2022-44947
+ RESERVED
+CVE-2022-44946
+ RESERVED
+CVE-2022-44945
+ RESERVED
+CVE-2022-44944
+ RESERVED
+CVE-2022-44943
+ RESERVED
+CVE-2022-44942
+ RESERVED
+CVE-2022-44941
+ RESERVED
+CVE-2022-44940
+ RESERVED
+CVE-2022-44939
+ RESERVED
+CVE-2022-44938
+ RESERVED
+CVE-2022-44937
+ RESERVED
+CVE-2022-44936
+ RESERVED
+CVE-2022-44935
+ RESERVED
+CVE-2022-44934
+ RESERVED
+CVE-2022-44933
+ RESERVED
+CVE-2022-44932
+ RESERVED
+CVE-2022-44931
+ RESERVED
+CVE-2022-44930
+ RESERVED
+CVE-2022-44929
+ RESERVED
+CVE-2022-44928
+ RESERVED
+CVE-2022-44927
+ RESERVED
+CVE-2022-44926
+ RESERVED
+CVE-2022-44925
+ RESERVED
+CVE-2022-44924
+ RESERVED
+CVE-2022-44923
+ RESERVED
+CVE-2022-44922
+ RESERVED
+CVE-2022-44921
+ RESERVED
+CVE-2022-44920
+ RESERVED
+CVE-2022-44919
+ RESERVED
+CVE-2022-44918
+ RESERVED
+CVE-2022-44917
+ RESERVED
+CVE-2022-44916
+ RESERVED
+CVE-2022-44915
+ RESERVED
+CVE-2022-44914
+ RESERVED
+CVE-2022-44913
+ RESERVED
+CVE-2022-44912
+ RESERVED
+CVE-2022-44911
+ RESERVED
+CVE-2022-44910
+ RESERVED
+CVE-2022-44909
+ RESERVED
+CVE-2022-44908
+ RESERVED
+CVE-2022-44907
+ RESERVED
+CVE-2022-44906
+ RESERVED
+CVE-2022-44905
+ RESERVED
+CVE-2022-44904
+ RESERVED
+CVE-2022-44903
+ RESERVED
+CVE-2022-44902
+ RESERVED
+CVE-2022-44901
+ RESERVED
+CVE-2022-44900
+ RESERVED
+CVE-2022-44899
+ RESERVED
+CVE-2022-44898
+ RESERVED
+CVE-2022-44897
+ RESERVED
+CVE-2022-44896
+ RESERVED
+CVE-2022-44895
+ RESERVED
+CVE-2022-44894
+ RESERVED
+CVE-2022-44893
+ RESERVED
+CVE-2022-44892
+ RESERVED
+CVE-2022-44891
+ RESERVED
+CVE-2022-44890
+ RESERVED
+CVE-2022-44889
+ RESERVED
+CVE-2022-44888
+ RESERVED
+CVE-2022-44887
+ RESERVED
+CVE-2022-44886
+ RESERVED
+CVE-2022-44885
+ RESERVED
+CVE-2022-44884
+ RESERVED
+CVE-2022-44883
+ RESERVED
+CVE-2022-44882
+ RESERVED
+CVE-2022-44881
+ RESERVED
+CVE-2022-44880
+ RESERVED
+CVE-2022-44879
+ RESERVED
+CVE-2022-44878
+ RESERVED
+CVE-2022-44877
+ RESERVED
+CVE-2022-44876
+ RESERVED
+CVE-2022-44875
+ RESERVED
+CVE-2022-44874
+ RESERVED
+CVE-2022-44873
+ RESERVED
+CVE-2022-44872
+ RESERVED
+CVE-2022-44871
+ RESERVED
+CVE-2022-44870
+ RESERVED
+CVE-2022-44869
+ RESERVED
+CVE-2022-44868
+ RESERVED
+CVE-2022-44867
+ RESERVED
+CVE-2022-44866
+ RESERVED
+CVE-2022-44865
+ RESERVED
+CVE-2022-44864
+ RESERVED
+CVE-2022-44863
+ RESERVED
+CVE-2022-44862
+ RESERVED
+CVE-2022-44861
+ RESERVED
+CVE-2022-44860
+ RESERVED
+CVE-2022-44859
+ RESERVED
+CVE-2022-44858
+ RESERVED
+CVE-2022-44857
+ RESERVED
+CVE-2022-44856
+ RESERVED
+CVE-2022-44855
+ RESERVED
+CVE-2022-44854
+ RESERVED
+CVE-2022-44853
+ RESERVED
+CVE-2022-44852
+ RESERVED
+CVE-2022-44851
+ RESERVED
+CVE-2022-44850
+ RESERVED
+CVE-2022-44849
+ RESERVED
+CVE-2022-44848
+ RESERVED
+CVE-2022-44847
+ RESERVED
+CVE-2022-44846
+ RESERVED
+CVE-2022-44845
+ RESERVED
+CVE-2022-44844
+ RESERVED
+CVE-2022-44843
+ RESERVED
+CVE-2022-44842
+ RESERVED
+CVE-2022-44841
+ RESERVED
+CVE-2022-44840
+ RESERVED
+CVE-2022-44839
+ RESERVED
+CVE-2022-44838
+ RESERVED
+CVE-2022-44837
+ RESERVED
+CVE-2022-44836
+ RESERVED
+CVE-2022-44835
+ RESERVED
+CVE-2022-44834
+ RESERVED
+CVE-2022-44833
+ RESERVED
+CVE-2022-44832
+ RESERVED
+CVE-2022-44831
+ RESERVED
+CVE-2022-44830
+ RESERVED
+CVE-2022-44829
+ RESERVED
+CVE-2022-44828
+ RESERVED
+CVE-2022-44827
+ RESERVED
+CVE-2022-44826
+ RESERVED
+CVE-2022-44825
+ RESERVED
+CVE-2022-44824
+ RESERVED
+CVE-2022-44823
+ RESERVED
+CVE-2022-44822
+ RESERVED
+CVE-2022-44821
+ RESERVED
+CVE-2022-44820
+ RESERVED
+CVE-2022-44819
+ RESERVED
+CVE-2022-44818
+ RESERVED
+CVE-2022-44817
+ RESERVED
+CVE-2022-44816
+ RESERVED
+CVE-2022-44815
+ RESERVED
+CVE-2022-44814
+ RESERVED
+CVE-2022-44813
+ RESERVED
+CVE-2022-44812
+ RESERVED
+CVE-2022-44811
+ RESERVED
+CVE-2022-44810
+ RESERVED
+CVE-2022-44809
+ RESERVED
+CVE-2022-44808
+ RESERVED
+CVE-2022-44807
+ RESERVED
+CVE-2022-44806
+ RESERVED
+CVE-2022-44805
+ RESERVED
+CVE-2022-44804
+ RESERVED
+CVE-2022-44803
+ RESERVED
+CVE-2022-44802
+ RESERVED
+CVE-2022-44801
+ RESERVED
+CVE-2022-44800
+ RESERVED
+CVE-2022-44799
+ RESERVED
+CVE-2022-44798
+ RESERVED
+CVE-2022-44797 (btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta a ...)
+ TODO: check
+CVE-2022-44796 (An issue was discovered in Object First 1.0.7.712. The authorization s ...)
+ TODO: check
+CVE-2022-44795 (An issue was discovered in Object First 1.0.7.712. A flaw was found in ...)
+ TODO: check
+CVE-2022-44794 (An issue was discovered in Object First 1.0.7.712. Management protocol ...)
+ TODO: check
+CVE-2022-44793 (handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-S ...)
+ TODO: check
+CVE-2022-44792 (handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP ...)
+ TODO: check
+CVE-2022-44791
+ RESERVED
+CVE-2022-44790
+ RESERVED
+CVE-2022-44789
+ RESERVED
+CVE-2022-44788
+ RESERVED
+CVE-2022-44787
+ RESERVED
+CVE-2022-44786
+ RESERVED
+CVE-2022-44785
+ RESERVED
+CVE-2022-44784
+ RESERVED
+CVE-2022-44619
+ RESERVED
+CVE-2022-44610
+ RESERVED
+CVE-2022-43507
+ RESERVED
+CVE-2022-43475
+ RESERVED
+CVE-2022-43465
+ RESERVED
+CVE-2022-43456
+ RESERVED
+CVE-2022-41998
+ RESERVED
+CVE-2022-41979
+ RESERVED
+CVE-2022-41625
+ RESERVED
+CVE-2022-41610
+ RESERVED
+CVE-2022-3871
+ RESERVED
+CVE-2022-3870
+ RESERVED
CVE-2022-44783
RESERVED
CVE-2022-44782
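Review bot: the six entries added with `TODO: check` (CVE-2022-44797 down to CVE-2022-44792) are the only lines in this hunk that need a human decision; everything else is a `RESERVED` placeholder. CVE-2022-44793 and CVE-2022-44792 both name agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP, so they can be triaged together. Each TODO should end up as either a package line or a NOT-FOR-US line like the ones used elsewhere in this file.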
@@ -1732,9 +2276,11 @@ CVE-2022-3793
- gitlab <unfixed>
CVE-2022-3792
RESERVED
-CVE-2022-3791 (A vulnerability was found in PDF & Print Plugin. It has been class ...)
+CVE-2022-3791
+ REJECTED
NOT-FOR-US: PDF & Print Plugin
-CVE-2022-3790 (A vulnerability was found in Flipbook Plugin and classified as problem ...)
+CVE-2022-3790
+ REJECTED
NOT-FOR-US: Flipbook Plugin
CVE-2022-3789 (A vulnerability has been found in Tim Campus Confession Wall and class ...)
NOT-FOR-US: Tim Campus Confession Wall
@@ -7683,8 +8229,7 @@ CVE-2022-3505 (A vulnerability was found in SourceCodester Sanitization Manageme
NOT-FOR-US: SourceCodester
CVE-2022-3504 (A vulnerability was found in SourceCodester Sanitization Management Sy ...)
NOT-FOR-US: SourceCodester
-CVE-2022-42919 [Linux specific local privilege escalation via the multiprocessing forkserver start method]
- RESERVED
+CVE-2022-42919 (Python 3.9.x and 3.10.x through 3.10.8 on Linux allows local privilege ...)
- python3.11 3.11.0-2
- python3.10 3.10.8-2
- python3.9 <unfixed>
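Review bot: on CVE-2022-42919, the visible part of the new description names Python 3.9.x and 3.10.x through 3.10.8, while the entry also tracks python3.11 as fixed in 3.11.0-2. A NOTE line explaining why python3.11 is listed would help. The removed bracketed summary (the multiprocessing forkserver start method) also said more about the trigger than the truncated description does, so a NOTE preserving it is worth considering. `- python3.9 <unfixed>` is still open after this change.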
@@ -7789,8 +8334,8 @@ CVE-2022-3479 (A vulnerability found in nss. By this security vulnerability, nss
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1774654
CVE-2022-42907
RESERVED
-CVE-2022-42905
- RESERVED
+CVE-2022-42905 (In wolfSSL before 5.5.2, if callback functions are enabled (via the WO ...)
+ TODO: check
CVE-2022-42904
RESERVED
CVE-2022-42903
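Review bot: CVE-2022-42905 moves from RESERVED to `TODO: check`, with a description that already states the fixed upstream release (wolfSSL before 5.5.2). That is enough for the follow-up triage to replace the TODO with a package line carrying a fixed version, or with NOT-FOR-US.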
@@ -9185,74 +9730,92 @@ CVE-2022-42327 (x86: unintended memory sharing between guests On Intel systems t
[buster] - xen <not-affected> (Vulnerable code introduced later in 4.16)
NOTE: https://xenbits.xen.org/xsa/advisory-412.html
CVE-2022-42326 (Xenstore: Guests can create arbitrary number of nodes via transactions ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
CVE-2022-42325 (Xenstore: Guests can create arbitrary number of nodes via transactions ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
CVE-2022-42324 (Oxenstored 32->31 bit integer truncation issues Integers in Ocaml a ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-420.html
CVE-2022-42323 (Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
CVE-2022-42322 (Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
CVE-2022-42321 (Xenstore: Guests can crash xenstored via exhausting the stack Xenstore ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-418.html
CVE-2022-42320 (Xenstore: Guests can get access to Xenstore nodes of deleted domains A ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-417.html
CVE-2022-42319 (Xenstore: Guests can cause Xenstore to not free temporary memory When ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-416.html
CVE-2022-42318 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42317 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42316 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42315 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42314 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42313 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42312 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42311 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
CVE-2022-42310 (Xenstore: Guests can create orphaned Xenstore nodes By creating multip ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-415.html
CVE-2022-42309 (Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-11 ...)
+ {DSA-5272-1}
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-414.html
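Review bot: every entry from CVE-2022-42326 down to CVE-2022-42309 gains `{DSA-5272-1}`, yet each still reads `- xen <unfixed>`, and the only release-specific line is the buster end-of-life one. It is worth confirming that the DSA covers a stable release only and that the unversioned line is meant to stay unfixed, because the advisory reference and the unfixed status look contradictory at a glance.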
@@ -14159,8 +14722,7 @@ CVE-2022-40286
RESERVED
CVE-2022-40285
RESERVED
-CVE-2022-40284
- RESERVED
+CVE-2022-40284 (A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted ...)
{DSA-5270-1}
- ntfs-3g 1:2022.10.3-1
NOTE: https://www.openwall.com/lists/oss-security/2022/10/31/2
@@ -21057,8 +21619,8 @@ CVE-2022-37712
RESERVED
CVE-2022-37711
RESERVED
-CVE-2022-37710
- RESERVED
+CVE-2022-37710 (Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ...)
+ TODO: check
CVE-2022-37709 (Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is ...)
NOT-FOR-US: Tesla
CVE-2022-37708
@@ -31877,18 +32439,22 @@ CVE-2022-33749 (XAPI open file limit DoS It is possible for an unauthenticated c
- xen-api <removed>
NOTE: https://xenbits.xen.org/xsa/advisory-413.html
CVE-2022-33748 (lock order inversion in transitive grant copy handling As part of XSA- ...)
+ {DSA-5272-1}
- xen <unfixed> (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-411.html
CVE-2022-33747 (Arm: unbounded memory consumption for 2nd-level page tables Certain ac ...)
+ {DSA-5272-1}
- xen <unfixed> (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-409.html
CVE-2022-33746 (P2M pool freeing may take excessively long The P2M pool backing second ...)
+ {DSA-5272-1}
- xen <unfixed> (bug #1021668)
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-410.html
CVE-2022-33745 (insufficient TLB flush for x86 PV guests in shadow mode For migration ...)
+ {DSA-5272-1}
- xen 4.16.2-1
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-408.html
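Review bot: the four entries in this hunk gain `{DSA-5272-1}`, but their package lines differ: CVE-2022-33745 carries a fixed version (`- xen 4.16.2-1`), while CVE-2022-33748, CVE-2022-33747 and CVE-2022-33746 stay at `- xen <unfixed> (bug #1021668)`. Check that bug #1021668 is still the right tracking reference for the three open entries now that a DSA is attached.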
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/811cdf0d521b927dc4f0e1a64b4e6ea437bf7ea5