[Git][security-tracker-team/security-tracker][master] Add CVE-2022-42969/python-py and mark it unimportant
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 19 13:51:26 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e1405d50 by Salvatore Bonaccorso at 2022-10-19T14:50:39+02:00
Add CVE-2022-42969/python-py and mark it unimportant
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1142,7 +1142,10 @@ CVE-2022-3521 (A vulnerability has been found in Linux Kernel and classified as
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ec7eede369fe5b0d085ac51fdbb95184f87bfc6c
CVE-2022-42969 (The py library through 1.11.0 for Python allows remote attackers to co ...)
- TODO: check
+ - python-py <unfixed> (unimportant)
+ NOTE: https://github.com/pytest-dev/py/issues/287
+ NOTE: Negligible security impact and disputed upstream
+ NOTE: https://github.com/pytest-dev/py/issues/287#issuecomment-1283784766
CVE-2022-42968 (Gitea before 1.17.3 does not sanitize and escape refs in the git backe ...)
- gitea <removed>
CVE-2022-42967
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1405d50b0258cbd50a08703bea5e006a4af4aa6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e1405d50b0258cbd50a08703bea5e006a4af4aa6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221019/2ff1e4ce/attachment.htm>
More information about the debian-security-tracker-commits
mailing list