[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Nov 13 20:10:34 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a51a052e by security tracker role at 2022-11-13T20:10:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2022-3978 (A vulnerability, which was classified as problematic, was found in Nod ...)
+	TODO: check
+CVE-2022-3977
+	RESERVED
+CVE-2022-3976 (A vulnerability has been found in MZ Automation libiec61850 up to 1.4  ...)
+	TODO: check
+CVE-2022-3975 (A vulnerability, which was classified as problematic, has been found i ...)
+	TODO: check
+CVE-2022-3974 (A vulnerability classified as critical was found in Axiomatic Bento4.  ...)
+	TODO: check
+CVE-2022-3973 (A vulnerability classified as critical has been found in Pingkon HMS-P ...)
+	TODO: check
+CVE-2022-3972 (A vulnerability was found in Pingkon HMS-PHP. It has been rated as cri ...)
+	TODO: check
+CVE-2022-3971 (A vulnerability was found in matrix-appservice-irc up to 0.35.1. It ha ...)
+	TODO: check
+CVE-2022-3970 (A vulnerability was found in LibTIFF. It has been classified as critic ...)
+	TODO: check
+CVE-2022-3969 (A vulnerability was found in OpenKM up to 6.3.11 and classified as pro ...)
+	TODO: check
+CVE-2022-3968 (A vulnerability has been found in emlog and classified as problematic. ...)
+	TODO: check
+CVE-2022-3967 (A vulnerability, which was classified as critical, was found in Vesta  ...)
+	TODO: check
+CVE-2022-3966 (A vulnerability, which was classified as critical, has been found in U ...)
+	TODO: check
+CVE-2022-3965 (A vulnerability classified as problematic was found in ffmpeg. This vu ...)
+	TODO: check
+CVE-2022-3964 (A vulnerability classified as problematic has been found in ffmpeg. Th ...)
+	TODO: check
 CVE-2022-45197
 	RESERVED
 CVE-2022-45196 (Hyperledger Fabric 2.3 allows attackers to cause a denial of service ( ...)
@@ -8451,12 +8481,12 @@ CVE-2022-3553 (A vulnerability, which was classified as problematic, was found i
 CVE-2022-3552 (Unrestricted Upload of File with Dangerous Type in GitHub repository b ...)
 	NOT-FOR-US: boxbilling
 CVE-2022-3551 (A vulnerability, which was classified as problematic, has been found i ...)
-	{DLA-3185-1}
+	{DSA-5278-1 DLA-3185-1}
 	- xorg-server 2:21.1.4-3
 	- xwayland <unfixed>
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/18f91b950e22c2a342a4fbc55e9ddf7534a707d2
 CVE-2022-3550 (A vulnerability classified as critical was found in X.org Server. Affe ...)
-	{DLA-3185-1}
+	{DSA-5278-1 DLA-3185-1}
 	- xorg-server 2:21.1.4-3
 	- xwayland <unfixed>
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/commit/11beef0b7f1ed290348e45618e5fa0d2bffcb72e
@@ -22723,7 +22753,7 @@ CVE-2022-37456
 CVE-2022-37455
 	RESERVED
 CVE-2022-37454 (The Keccak XKCP SHA-3 reference implementation before fdc6fef has an i ...)
-	{DSA-5269-1 DSA-5267-1 DLA-3175-1 DLA-3174-1}
+	{DSA-5277-1 DSA-5269-1 DSA-5267-1 DLA-3175-1 DLA-3174-1}
 	- php8.1 8.1.12-1
 	- php7.4 <removed>
 	- php7.3 <removed>
@@ -38503,6 +38533,7 @@ CVE-2022-31631
 	RESERVED
 CVE-2022-31630
 	RESERVED
+	{DSA-5277-1}
 	- php8.1 8.1.12-1
 	- php7.4 <removed>
 	- php7.3 <not-affected> (Vulnerable code introduced later)
@@ -38511,6 +38542,7 @@ CVE-2022-31630
 	NOTE: Introduced by: https://github.com/php/php-src/commit/88b603768f8e5074ad5cbdccc1e0779089fac9d0 (php-7.4.0alpha2)
 	NOTE: Fixed by: https://github.com/php/php-src/commit/ac45ce85c8750a6fb9745093180674d029acc5bd (PHP-8.1.12)
 CVE-2022-31629 (In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability en ...)
+	{DSA-5277-1}
 	- php8.1 8.1.12-1 (bug #1021138)
 	- php7.4 <removed>
 	- php7.3 <removed>
@@ -38518,6 +38550,7 @@ CVE-2022-31629 (In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerabil
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=81727
 	NOTE: https://github.com/php/php-src/commit/0611be4e82887cee0de6c4cbae320d34eec946ca
 CVE-2022-31628 (In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompresso ...)
+	{DSA-5277-1}
 	- php8.1 8.1.12-1 (bug #1021138)
 	- php7.4 <removed>
 	- php7.3 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a51a052e4a871c65db131da38853337937f6e8f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a51a052e4a871c65db131da38853337937f6e8f2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221113/cf29d28c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list