[Git][security-tracker-team/security-tracker][master] 2 commits: new nginx issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Nov 11 08:45:13 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8c9eda17 by Moritz Muehlenhoff at 2022-11-11T09:44:53+01:00
new nginx issues

- - - - -
1a7adcf0 by Moritz Muehlenhoff at 2022-11-11T09:44:54+01:00
nginx fixed in sid

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -11523,9 +11523,13 @@ CVE-2022-37409
 CVE-2022-41743 (NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in t ...)
 	NOT-FOR-US: NGINX Plus
 CVE-2022-41742 (NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source ...)
-	TODO: check
+	- nginx 1.22.1-1
+	NOTE: https://github.com/nginx/nginx/commit/6b022a5556af22b6e18532e547a6ae46b0d8c6ea (release-1.22.1)
+	NOTE: Only affects the nginx-extras binary package
 CVE-2022-41741 (NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source ...)
-	TODO: check
+	- nginx 1.22.1-1
+	NOTE: https://github.com/nginx/nginx/commit/6b022a5556af22b6e18532e547a6ae46b0d8c6ea (release-1.22.1)
+	NOTE: Only affects the nginx-extras binary package
 CVE-2022-41740
 	RESERVED
 CVE-2022-41739


=====================================
data/dsa-needed.txt
=====================================
@@ -27,6 +27,8 @@ linux (carnil)
 netatalk
   open regression with MacOS, tentative patch not yet merged upstream
 --
+nginx
+--
 nodejs
 --
 multipath-tools



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8d8403bcde6243eb360ea2228eba37195aa8409f...1a7adcf093a16eb24c9e808d034cf0fcef7418e8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8d8403bcde6243eb360ea2228eba37195aa8409f...1a7adcf093a16eb24c9e808d034cf0fcef7418e8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221111/0a5ef68e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list