[Git][security-tracker-team/security-tracker][master] bugnums

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df892199 by Moritz Muehlenhoff at 2022-10-14T20:50:56+02:00
bugnums
additional reference for latest lnux/wifi issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -72,7 +72,7 @@ CVE-2022-3480
 	RESERVED
 CVE-2022-3479
 	RESERVED
-	- nss <unfixed>
+	- nss <unfixed> (bug #1021786)
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1774654
 CVE-2022-42907
 	RESERVED
@@ -149,7 +149,7 @@ CVE-2022-3463
 CVE-2022-3462
 	RESERVED
 CVE-2022-42889 (Apache Commons Text performs variable interpolation, allowing properti ...)
-	- commons-text <unfixed>
+	- commons-text <unfixed> (bug #1021787)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/4
 CVE-2022-42878
 	RESERVED
@@ -554,21 +554,25 @@ CVE-2022-42722 (In the Linux kernel 5.8 through 5.19.14, local attackers able to
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/2
 	NOTE: https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
+	NOTE: https://github.com/PurpleVsGreen/beacown
 CVE-2022-42721 (A list management bug in BSS handling in the mac80211 stack in the Lin ...)
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/2
 	NOTE: https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
+	NOTE: https://github.com/PurpleVsGreen/beacown
 CVE-2022-42720 (Various refcounting bugs in the multi-BSS handling in the mac80211 sta ...)
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/2
 	NOTE: https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
+	NOTE: https://github.com/PurpleVsGreen/beacown
 CVE-2022-42719 (A use-after-free in the mac80211 stack when parsing a multi-BSSID elem ...)
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/2
 	NOTE: https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
+	NOTE: https://github.com/PurpleVsGreen/beacown
 CVE-2022-42718
 	RESERVED
 CVE-2022-42717 (An issue was discovered in Hashicorp Packer before 2.3.1. The recommen ...)
@@ -2901,6 +2905,7 @@ CVE-2022-41674 (An issue was discovered in the Linux kernel through 5.19.11. Att
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/2
 	NOTE: https://lore.kernel.org/netdev/20221013100522.46346-1-johannes@sipsolutions.net/T/#u
+	NOTE: https://github.com/PurpleVsGreen/beacown
 CVE-2022-41673
 	RESERVED
 CVE-2022-41672 (In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn' ...)
@@ -27855,7 +27860,7 @@ CVE-2022-32150
 	RESERVED
 CVE-2022-32149
 	RESERVED
-	- golang-golang-x-text <unfixed>
+	- golang-golang-x-text <unfixed> (bug #1021785)
 	NOTE: https://groups.google.com/g/golang-dev/c/qfPIly0X7aU.
 	NOTE: https://go.dev/issue/56152.
 	NOTE: https://github.com/golang/text/commit/434eadcdbc3b0256971992e8c70027278364c72c



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df892199f31089c57a9c97de3115264eb64b2fe1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df892199f31089c57a9c97de3115264eb64b2fe1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221014/da3543aa/attachment-0001.htm>