[Git][security-tracker-team/security-tracker][master] Add CVE-2022-39260 and CVE-2022-39253

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 18 20:11:54 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f375f005 by Salvatore Bonaccorso at 2022-10-18T21:11:16+02:00
Add CVE-2022-39260 and CVE-2022-39253

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9784,6 +9784,9 @@ CVE-2022-39261 (Twig is a template language for PHP. Versions 1.x prior to 1.44.
 	NOTE: https://github.com/twigphp/Twig/commit/35f3035c5deb0041da7b84daf02dea074ddc7a0b (v1.44.7, v2.15.3, v3.4.3)
 CVE-2022-39260
 	RESERVED
+	- git <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/10/18/5
+	NOTE: https://lore.kernel.org/git/xmqq4jw1uku5.fsf@gitster.g/T/#u
 CVE-2022-39259
 	RESERVED
 CVE-2022-39258 (mailcow is a mailserver suite. A vulnerability innversions prior to 20 ...)
@@ -9801,6 +9804,9 @@ CVE-2022-39254 (matrix-nio is a Python Matrix client library, designed according
 	NOTE: https://github.com/poljar/matrix-nio/commit/b1cbf234a831daa160673defd596e6450e9c29f0 (0.20.0)
 CVE-2022-39253
 	RESERVED
+	- git <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/10/18/5
+	NOTE: https://lore.kernel.org/git/xmqq4jw1uku5.fsf@gitster.g/T/#u
 CVE-2022-39252 (matrix-rust-sdk is an implementation of a Matrix client-server library ...)
 	NOT-FOR-US: matrix-rust-sdk
 CVE-2022-39251 (Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript.  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f375f005470e4cd7d90b4ae86b9c7ee158d11ea9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f375f005470e4cd7d90b4ae86b9c7ee158d11ea9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221018/2b0d23d1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list