[Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-2990/golang-github-containers-buildah

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43c9e55c by Salvatore Bonaccorso at 2022-11-25T10:30:05+01:00
Update information for CVE-2022-2990/golang-github-containers-buildah

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21443,10 +21443,10 @@ CVE-2022-2991 (A heap-based buffer overflow was found in the Linux kernel's Ligh
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-960/
 	NOTE: CONFIG_NVM not enabled in Debian
 CVE-2022-2990 (An incorrect handling of the supplementary groups in the Buildah conta ...)
-	- golang-github-containers-buildah <unfixed>
+	- golang-github-containers-buildah 1.28.0+ds1-2
 	NOTE: https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
 	NOTE: https://github.com/containers/buildah/pull/4200
-	NOTE: https://github.com/containers/buildah/commit/9934b17365083ce966b44c5ce3c7e052f516e255
+	NOTE: https://github.com/containers/buildah/commit/9934b17365083ce966b44c5ce3c7e052f516e255 (v1.28.0)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121453
 CVE-2022-2989 (An incorrect handling of the supplementary groups in the Podman contai ...)
 	[experimental] - libpod 4.3.1+ds1-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43c9e55c1ba2bda9b30ef63bf88dc4cd6439e45f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43c9e55c1ba2bda9b30ef63bf88dc4cd6439e45f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221125/d831a819/attachment.htm>