[Git][security-tracker-team/security-tracker][master] 2 commits: Unify uid in list
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 24 10:33:48 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2b1a0660 by Salvatore Bonaccorso at 2022-11-24T11:25:27+01:00
Unify uid in list
- - - - -
0ec01dcc by Salvatore Bonaccorso at 2022-11-24T11:31:48+01:00
Add CVE-2022-45873/systemd
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,10 @@
CVE-2022-45873 (systemd 250 and 251 allows local users to achieve a systemd-coredump d ...)
- TODO: check
+ - systemd 252-1
+ [bullseye] - systemd <not-affected> (Vulnerable code introduced later)
+ [buster] - systemd <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553
+ NOTE: Fixed by: https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437 (v252-rc3)
+ NOTE: Introduced by: https://github.com/systemd/systemd/commit/61aea456c12c54f49c4a76259af130e576130ce9 (v250-rc1)
CVE-2022-45872 (iTerm2 before 3.4.18 mishandles a DECRQSS response. ...)
NOT-FOR-US: iTerm2
CVE-2022-45871
=====================================
data/dsa-needed.txt
=====================================
@@ -68,5 +68,5 @@ sox
--
tiff
--
-xfce4-settings (Corsac)
+xfce4-settings (corsac)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/778bff91172866ad880639e69977d7e1f83944f0...0ec01dcc946653a1703908b9cce5654de7ae7879
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/778bff91172866ad880639e69977d7e1f83944f0...0ec01dcc946653a1703908b9cce5654de7ae7879
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221124/a9cd05b3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list