[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Nov 23 20:12:01 GMT 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
55038710 by Moritz Muehlenhoff at 2022-11-23T21:06:46+01:00
bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -7864,6 +7864,7 @@ CVE-2022-3716 (A vulnerability classified as problematic was found in SourceCode
 CVE-2022-3715 [a heap-buffer-overflow in valid_parameter_transform]
 	RESERVED
 	- bash <unfixed>
+	[bullseye] - bash <no-dsa> (Minor issue)
 	[buster] - bash <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2126720
 	NOTE: https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html
@@ -8590,6 +8591,7 @@ CVE-2021-46850 (myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel
 	NOT-FOR-US: myVesta Control Panel
 CVE-2021-46849 (pikepdf before 2.10.0 allows an XXE attack against PDF XMP metadata pa ...)
 	- pikepdf 3.2.0+dfsg-1
+	[bullseye] - pikepdf <no-dsa> (Minor issue)
 	[buster] - pikepdf <no-dsa> (Minor issue)
 	NOTE: https://github.com/pikepdf/pikepdf/blob/v2.10.0/docs/release_notes.rst#v2100
 CVE-2021-46848 (GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check ...)
@@ -19642,6 +19644,7 @@ CVE-2022-39261 (Twig is a template language for PHP. Versions 1.x prior to 1.44.
 	NOTE: https://github.com/twigphp/Twig/commit/35f3035c5deb0041da7b84daf02dea074ddc7a0b (v1.44.7, v2.15.3, v3.4.3)
 CVE-2022-39260 (Git is an open source, scalable, distributed revision control system.  ...)
 	- git 1:2.38.1-1 (bug #1022046)
+	[bullseye] - git <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/18/5
 	NOTE: https://lore.kernel.org/git/xmqq4jw1uku5.fsf@gitster.g/T/#u
 	NOTE: https://github.com/git/git/commit/32696a4cbe90929ae79ea442f5102c513ce3dfaa (v2.30.6)
@@ -19664,6 +19667,7 @@ CVE-2022-39254 (matrix-nio is a Python Matrix client library, designed according
 	NOTE: https://github.com/poljar/matrix-nio/commit/b1cbf234a831daa160673defd596e6450e9c29f0 (0.20.0)
 CVE-2022-39253 (Git is an open source, scalable, distributed revision control system.  ...)
 	- git 1:2.38.1-1 (bug #1022046)
+	[bullseye] - git <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/18/5
 	NOTE: https://lore.kernel.org/git/xmqq4jw1uku5.fsf@gitster.g/T/#u
 	NOTE: https://github.com/git/git/commit/6f054f9fb3a501c35b55c65e547a244f14c38d56 (v2.30.6)
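Review bot: both git entries (CVE-2022-39260 in the previous hunk and CVE-2022-39253 here) get `[bullseye] - git <no-dsa> (Minor issue)` while each NOTE line points at a fix that upstream already shipped in the v2.30.6 maintenance release (32696a4c and 6f054f9f), so the backport is essentially ready-made; if the intent is to ship both via a bullseye point release rather than not at all, a short NOTE saying so (or a bug reference as on the `1:2.38.1-1 (bug #1022046)` line) would keep `no-dsa` from being read as "will not fix".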
@@ -19723,6 +19727,7 @@ CVE-2022-39238 (Arvados is an open source platform for managing and analyzing bi
 	NOT-FOR-US: Arvados
 CVE-2022-39237 (syslabs/sif is the Singularity Image Format (SIF) reference implementa ...)
 	- golang-github-sylabs-sif <unfixed> (bug #1023570)
+	[bullseye] - golang-github-sylabs-sif <no-dsa> (Minor issue)
 	- singularity-container 3.10.3+ds1-1
 	NOTE: https://github.com/sylabs/sif/security/advisories/GHSA-m5m3-46gj-wch8
 	NOTE: https://github.com/sylabs/sif/commit/21972852d8783bc93fbf080190de8e1978f1c254 (v2.8.1)
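Review bot: the bullseye annotation is added only for golang-github-sylabs-sif, but singularity-container is listed as a second affected source (fixed in 3.10.3+ds1-1) with no `[bullseye]` line of its own; if singularity-container is not in bullseye, or vendors its own copy of sif that needs separate triage, a `[bullseye]` line (or `<not-affected>`) on that entry would leave the triage state complete instead of deferring it to the next pass.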
@@ -38927,10 +38932,10 @@ CVE-2022-1969 (The Mobile browser color select plugin for WordPress is vulnerabl
 	NOT-FOR-US: Mobile browser color select plugin for WordPress
 CVE-2022-1968 (Use After Free in GitHub repository vim/vim prior to 8.2. ...)
 	{DLA-3182-1 DLA-3053-1}
-	- vim 2:9.0.0135-1 (bug #1015984)
-	[bullseye] - vim <no-dsa> (Minor issue)
+	- vim 2:9.0.0135-1 (bug #1015984; unimportant)
 	NOTE: https://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b
 	NOTE: https://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895 (v8.2.5050)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-1967 (The WP Championship WordPress plugin before 9.3 is lacking CSRF checks ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1966
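Review bot: the `[bullseye] - vim <no-dsa>` line is dropped and the severity folded into `(bug #1015984; unimportant)` on the unstable line, yet the entry still carries `{DLA-3182-1 DLA-3053-1}`, i.e. LTS already issued advisories for this use-after-free; downgrading to unimportant afterwards is defensible for a crash in a CLI tool, but a NOTE stating that the DLAs predate the reassessment would stop the references from reading as contradictory. The same applies to the CVE-2022-1898 and CVE-2022-1851 hunks below.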
@@ -40316,10 +40321,10 @@ CVE-2022-1899 (Out-of-bounds Read in GitHub repository radareorg/radare2 prior t
 	NOTE: https://github.com/radareorg/radare2/commit/193f4fe01d7f626e2ea937450f2e0c4604420e9d
 CVE-2022-1898 (Use After Free in GitHub repository vim/vim prior to 8.2. ...)
 	{DLA-3182-1 DLA-3053-1}
-	- vim 2:9.0.0135-1 (bug #1015984)
-	[bullseye] - vim <no-dsa> (Minor issue)
+	- vim 2:9.0.0135-1 (bug #1015984; unimportant)
 	NOTE: https://huntr.dev/bounties/45aad635-c2f1-47ca-a4f9-db5b25979cea
 	NOTE: https://github.com/vim/vim/commit/e2fa213cf571041dbd04ab0329303ffdc980678a (v8.2.5024)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-1897 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
 	[bullseye] - vim <no-dsa> (Minor issue)
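Review bot: the trailing context shows CVE-2022-1897 (out-of-bounds write) keeping its `[bullseye] - vim <no-dsa> (Minor issue)` line while the use-after-free and out-of-bounds read entries in this and the neighbouring hunks are downgraded to unimportant; if that distinction is deliberate (a write primitive versus a pure crash), a one-line NOTE on CVE-2022-1897 would record it so a later triage pass does not flatten it to "Crash in CLI tool" as well.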
@@ -40922,10 +40927,10 @@ CVE-2022-1852 (A NULL pointer dereference flaw was found in the Linux kernel&#82
 	NOTE: https://git.kernel.org/linus/fee060cd52d69c114b62d1a2948ea9648b5131f9
 CVE-2022-1851 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...)
 	{DLA-3182-1 DLA-3053-1}
-	- vim 2:9.0.0135-1 (bug #1015984)
-	[bullseye] - vim <no-dsa> (Minor issue)
+	- vim 2:9.0.0135-1 (bug #1015984; unimportant)
 	NOTE: https://huntr.dev/bounties/f8af901a-9a46-440d-942a-8f815b59394d
 	NOTE: https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad (v8.2.5013)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-1850 (Path Traversal in GitHub repository filegator/filegator prior to 7.8.0 ...)
 	NOT-FOR-US: filegator
 CVE-2022-1849 (Session Fixation in GitHub repository filegator/filegator prior to 7.8 ...)
@@ -53859,6 +53864,7 @@ CVE-2022-27192 (The Reporting module in Aseco Lietuva document management system
 	NOT-FOR-US: Aseco
 CVE-2022-27191 (The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1 ...)
 	- golang-go.crypto 1:0.0~git20220315.3147a52-1
+	[bullseye] - golang-go.crypto <no-dsa> (Minor issue)
 	[buster] - golang-go.crypto <postponed> (Limited support, follow bullseye DSAs/point-releases)
 	NOTE: https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ
 	NOTE: https://github.com/golang/crypto/commit/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d
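Review bot: with bullseye now `<no-dsa>`, the buster line `<postponed> (Limited support, follow bullseye DSAs/point-releases)` can only be satisfied by a point release, never a DSA; consider aligning its wording with the CVE-2021-43565 entry for the same package further down (`Limited support, minor issue, follow bullseye DSAs/point-releases`) so both golang-go.crypto entries state the same expectation.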
@@ -64541,6 +64547,7 @@ CVE-2022-23825 (Aliases in the branch predictor may cause some AMD processors to
 	{DSA-5184-1}
 	- linux <unfixed>
 	- xen 4.16.2-1
+	[bullseye] - xen <postponed> (Fix along in next DSA)
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	NOTE: https://comsec.ethz.ch/research/microarch/retbleed/
 	NOTE: https://comsec.ethz.ch/wp-content/files/retbleed_addendum_sec22.pdf
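Review bot: `{DSA-5184-1}` in the braces does not say which of the two listed sources (linux, xen) it covered, and xen in bullseye is now `<postponed> (Fix along in next DSA)`; a reader scanning the entry could take DSA-5184-1 as already covering xen, so a NOTE making the split explicit (which source DSA-5184-1 fixed, xen fix pending) would remove the ambiguity.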
@@ -72747,12 +72754,14 @@ CVE-2021-45293 (A Denial of Service vulnerability exists in Binaryen 103 due to
 	NOTE: Crash in CLI tool, no security impact
 CVE-2021-45292 (The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to c ...)
 	- gpac 2.0.0+dfsg1-2
+	[bullseye] - gpac <no-dsa> (Minor issue)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/1958
 	NOTE: https://github.com/gpac/gpac/commit/3dafcb5e71e9ffebb50238784dcad8b105da81f6 (v2.0.0)
 CVE-2021-45291 (The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cau ...)
 	- gpac 2.0.0+dfsg1-2
+	[bullseye] - gpac <no-dsa> (Minor issue)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/1955
@@ -72765,12 +72774,14 @@ CVE-2021-45290 (A Denial of Service vulnerability exits in Binaryen 103 due to a
 	NOTE: Crash in CLI tool, no security impact
 CVE-2021-45289 (A vulnerability exists in GPAC 1.0.1 due to an omission of security-re ...)
 	- gpac 2.0.0+dfsg1-2
+	[bullseye] - gpac <no-dsa> (Minor issue)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/1972
 	NOTE: https://github.com/gpac/gpac/commit/5e1f084e0c6ad2736c9913715c4abb57c554209d (v2.0.0)
 CVE-2021-45288 (A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which  ...)
 	- gpac 2.0.0+dfsg1-2
+	[bullseye] - gpac <no-dsa> (Minor issue)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/1956
@@ -72817,6 +72828,7 @@ CVE-2021-45268 (** DISPUTED ** A Cross Site Request Forgery (CSRF) vulnerability
 	- backdrop <itp> (bug #914257)
 CVE-2021-45267 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...)
 	- gpac 2.0.0+dfsg1-2
+	[bullseye] - gpac <no-dsa> (Minor issue)
 	[buster] - gpac <end-of-life> (EOL in buster LTS)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/1965
@@ -79807,6 +79819,7 @@ CVE-2021-43566 (All versions of Samba prior to 4.13.16 are vulnerable to a malic
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13979
 CVE-2021-43565 (The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of g ...)
 	- golang-go.crypto 1:0.0~git20211202.5770296-1
+	[bullseye] - golang-go.crypto <no-dsa> (Minor issue)
 	[buster] - golang-go.crypto <postponed> (Limited support, minor issue, follow bullseye DSAs/point-releases)
 	[stretch] - golang-go.crypto <postponed> (Limited support in stretch)
 	NOTE: https://github.com/golang/crypto/commit/5770296d904e90f15f38f77dfc2e43fdf5efc083
@@ -135200,6 +135213,7 @@ CVE-2021-22574
 	RESERVED
 CVE-2021-22573 (The vulnerability is that IDToken verifier does not verify if token is ...)
 	- google-oauth-client-java 1.33.3-1 (bug #1010657)
+	[bullseye] - google-oauth-client-java <no-dsa> (Minor issue)
 	NOTE: https://github.com/googleapis/google-oauth-java-client/issues/786
 	NOTE: https://github.com/googleapis/google-oauth-java-client/pull/861
 	NOTE: https://github.com/googleapis/google-oauth-java-client/pull/872 (1.33.3)
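Review bot: the description (truncated here) says the IDToken verifier does not verify a property of the token, which for an OAuth client library is a verification-bypass class of bug, so `(Minor issue)` on its own reads as a surprising rating; a NOTE giving the reason for the no-dsa call (for example no reverse dependencies in bullseye exercising the verifier, or a pointer to the relevant discussion in upstream issue #786) would let the next triager see why it was judged minor.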


=====================================
data/dsa-needed.txt
=====================================
@@ -18,6 +18,10 @@ frr
 --
 gerbv
 --
+graphicsmagick (jmm)
+--
+lava
+--
 linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more recent v5.10.y versions
@@ -37,6 +41,8 @@ php-horde-mime-viewer
 --
 php-horde-turba
 --
+pngcheck (jmm)
+--
 rails
 --
 rpki-client



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5503871020355a40cf41fb5a1602c6a7b78deee7



More information about the debian-security-tracker-commits mailing list