[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Oct 13 20:22:58 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6cebc00a by Moritz Muehlenhoff at 2022-10-13T21:22:40+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2022-42904
CVE-2022-42903
RESERVED
CVE-2022-42902 (In Linaro Automated Validation Architecture (LAVA) before 2022.10, the ...)
- - lava <unfixed>
+ - lava <unfixed> (bug #1021737)
NOTE: https://git.lavasoftware.org/lava/lava/-/merge_requests/1834
NOTE: https://git.lavasoftware.org/lava/lava/-/commit/e66b74cd6c175ff8826b8f3431740963be228b52?merge_request_iid=1834
CVE-2022-42901 (Bentley MicroStation and MicroStation-based applications may be affect ...)
@@ -6337,7 +6337,7 @@ CVE-2022-3169 (A flaw was found in the Linux kernel. A denial of service flaw ma
CVE-2022-3168
RESERVED
CVE-2019-25076 (The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.1 ...)
- - openvswitch <unfixed>
+ - openvswitch <unfixed> (bug #1021740)
[bullseye] - openvswitch <no-dsa> (Minor issue)
NOTE: https://arxiv.org/abs/2011.09107
NOTE: https://sites.google.com/view/tuple-space-explosion
@@ -49214,7 +49214,7 @@ CVE-2022-24841 (fleetdm/fleet is an open source device management, built on osqu
CVE-2022-24840 (django-s3file is a lightweight file upload input for Django and Amazon ...)
NOT-FOR-US: django-s3file
CVE-2022-24839 (org.cyberneko.html is an html parser written in Java. The fork of `org ...)
- - nekohtml <unfixed>
+ - nekohtml <unfixed> (bug #1021739)
[bullseye] - nekohtml <no-dsa> (Minor issue)
[buster] - nekohtml <no-dsa> (Minor issue)
[stretch] - nekohtml <no-dsa> (Minor issue)
@@ -78270,11 +78270,11 @@ CVE-2021-40650 (In Connx Version 6.2.0.1269 (20210623), a cookie can be issued b
CVE-2021-40649 (In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the ...)
NOT-FOR-US: Connx
CVE-2021-40648 (In man2html 1.6g, a filename can be created to overwrite the previous ...)
- - man2html <unfixed>
+ - man2html <unfixed> (bug #1021738)
[bullseye] - man2html <no-dsa> (Minor issue)
NOTE: https://gist.github.com/untaman/cb58123fe89fc65e3984165db5d40933
CVE-2021-40647 (In man2html 1.6g, a specific string being read in from a file will ove ...)
- - man2html <unfixed>
+ - man2html <unfixed> (bug #1021738)
[bullseye] - man2html <no-dsa> (Minor issue)
NOTE: https://gist.github.com/untaman/cb58123fe89fc65e3984165db5d40933
CVE-2021-40646
@@ -127080,7 +127080,7 @@ CVE-2020-35857 (An issue was discovered in the trust-dns-server crate before 0.1
CVE-2019-25011 (NetBox through 2.6.2 allows an Authenticated User to conduct an XSS at ...)
NOT-FOR-US: NetBox
CVE-2019-25010 (An issue was discovered in the failure crate through 2019-11-13 for Ru ...)
- - rust-failure <unfixed>
+ - rust-failure <unfixed> (bug #969839)
[bullseye] - rust-failure <no-dsa> (Minor issue, unmaintained/deprecated upstream)
[buster] - rust-failure <no-dsa> (Minor issue, unmaintained/deprecated upstream)
NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0036.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6cebc00af2c166f45f96b3e760c287cfd45015b4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6cebc00af2c166f45f96b3e760c287cfd45015b4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221013/03aeb01f/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list