[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Oct 25 11:33:56 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9ce5b6e9 by Moritz Muehlenhoff at 2022-10-25T12:33:08+02:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -5988,9 +5988,10 @@ CVE-2022-3297 (Use After Free in GitHub repository vim/vim prior to 9.0.0579. ..
NOTE: https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c (v9.0.0579)
NOTE: Crash in CLI tool, no security impact
CVE-2022-3296 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...)
- - vim 2:9.0.0626-1
+ - vim 2:9.0.0626-1 (unimportant)
NOTE: https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077
NOTE: https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be (v9.0.0577)
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-3295 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3294
@@ -49437,6 +49438,7 @@ CVE-2022-0700 (The Simple Tracking WordPress plugin before 1.7 does not sanitise
NOT-FOR-US: WordPress plugin
CVE-2022-0699 (A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 ...)
- shapelib 1.5.0-3 (bug #1022557)
+ [bullseye] - shapelib <no-dsa> (Minor issue)
NOTE: https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f
NOTE: https://github.com/OSGeo/shapelib/issues/39
CVE-2022-25597 (ASUS RT-AC86U’s LPD service has insufficient filtering for speci ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -56,9 +56,13 @@ ruby-tzinfo
--
salt
--
+samba
+--
sofia-sip
Maintainer proposed debdiff, though as rebuild of the testing version
--
sox
patch needed for CVE-2021-40426, check with upstream
--
+thunderbird (jmm)
+--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce5b6e9ab5505b40b5cc89387e82e44cd9f6e5a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce5b6e9ab5505b40b5cc89387e82e44cd9f6e5a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221025/b7badb78/attachment.htm>
More information about the debian-security-tracker-commits
mailing list