[Git][security-tracker-team/security-tracker][master] 2 commits: dla: add pluxml
Sylvain Beucler (@beuc)
beuc at debian.org
Tue Sep 13 10:05:39 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cefce46c by Sylvain Beucler at 2022-09-13T11:00:44+02:00
dla: add pluxml
- - - - -
36fe0037 by Sylvain Beucler at 2022-09-13T11:00:46+02:00
nvidia-graphics-drivers: no-dsa->ignored to precise triage for lts-cve-triage.py
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -23431,7 +23431,7 @@ CVE-2022-31615
RESERVED
- nvidia-graphics-drivers 470.141.03-1 (bug #1016614)
[bullseye] - nvidia-graphics-drivers 470.141.03-1~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1016615)
[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-390xx 390.154-1 (bug #1016616)
@@ -23463,7 +23463,7 @@ CVE-2022-31608
RESERVED
- nvidia-graphics-drivers 470.141.03-1 (bug #1016614)
[bullseye] - nvidia-graphics-drivers 470.141.03-1~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1016615)
[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-390xx 390.154-1 (bug #1016616)
@@ -23483,7 +23483,7 @@ CVE-2022-31607
RESERVED
- nvidia-graphics-drivers 470.141.03-1 (bug #1016614)
[bullseye] - nvidia-graphics-drivers 470.141.03-1~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1016615)
[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-390xx 390.154-1 (bug #1016616)
@@ -33589,7 +33589,7 @@ CVE-2022-28193 (NVIDIA Jetson Linux Driver Package contains a vulnerability in t
CVE-2022-28192 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
- nvidia-graphics-drivers 470.129.06-1 (bug #1011140)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1011143)
[bullseye] - nvidia-graphics-drivers-tesla-418 <ignored> (Non-free not supported, driver is EOLed and updates impossible)
- nvidia-graphics-drivers-tesla-450 450.191.01-1 (bug #1011144)
@@ -33604,7 +33604,7 @@ CVE-2022-28192 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU
CVE-2022-28191 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...)
- nvidia-graphics-drivers 470.129.06-1 (bug #1011140)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-tesla-460 <unfixed> (bug #1011145)
[bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla-470 470.129.06-1 (bug #1011146)
@@ -33625,7 +33625,7 @@ CVE-2022-28186 (NVIDIA GPU Display Driver for Windows contains a vulnerability i
CVE-2022-28185 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
- nvidia-graphics-drivers 470.129.06-1 (bug #1011140)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1011141)
[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
@@ -33646,7 +33646,7 @@ CVE-2022-28185 (NVIDIA GPU Display Driver for Windows and Linux contains a vulne
CVE-2022-28184 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
- nvidia-graphics-drivers 470.129.06-1 (bug #1011140)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-tesla-460 <unfixed> (bug #1011145)
[bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla-470 470.129.06-1 (bug #1011146)
@@ -33657,7 +33657,7 @@ CVE-2022-28184 (NVIDIA GPU Display Driver for Windows and Linux contains a vulne
CVE-2022-28183 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
- nvidia-graphics-drivers 470.129.06-1 (bug #1011140)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-tesla-460 <unfixed> (bug #1011145)
[bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-tesla-470 470.129.06-1 (bug #1011146)
@@ -33670,7 +33670,7 @@ CVE-2022-28182 (NVIDIA GPU Display Driver for Windows contains a vulnerability i
CVE-2022-28181 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
- nvidia-graphics-drivers 470.129.06-1 (bug #1011140)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1011141)
[buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
@@ -57360,12 +57360,12 @@ CVE-2022-21815 (NVIDIA GPU Display Driver for Windows contains a vulnerability i
CVE-2022-21814 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 470.103.01-1 (bug #1004847)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-tesla-470 470.103.01-1 (bug #1004853)
CVE-2022-21813 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
- nvidia-graphics-drivers 470.103.01-1 (bug #1004847)
[bullseye] - nvidia-graphics-drivers 470.129.06-5~deb11u1
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
- nvidia-graphics-drivers-tesla-470 470.103.01-1 (bug #1004853)
CVE-2021-44795 (Single Connect does not perform an authorization check when using the ...)
NOT-FOR-US: Single Connect
@@ -132520,7 +132520,7 @@ CVE-2021-1078 (NVIDIA Windows GPU Display Driver for Windows, all versions, cont
NOT-FOR-US: NVIDIA Windows GPU Display Driver for Windows
CVE-2021-1077 (NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver ...)
- nvidia-graphics-drivers 460.73.01-1 (bug #987216)
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
[stretch] - nvidia-graphics-drivers <not-affected> (R390 not affected)
- nvidia-graphics-drivers-tesla-450 450.119.03-1 (bug #987221)
- nvidia-graphics-drivers-tesla-460 460.73.01-1 (bug #987222)
@@ -132593,12 +132593,12 @@ CVE-2021-1054 (NVIDIA GPU Display Driver for Windows, all versions, contains a v
NOT-FOR-US: NVIDIA Windows drivers
CVE-2021-1053 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...)
- nvidia-graphics-drivers 460.32.03-1 (bug #979670)
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
[stretch] - nvidia-graphics-drivers <not-affected> (R390 not affected)
- nvidia-graphics-drivers-tesla-450 450.102.04-1 (bug #979675)
CVE-2021-1052 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...)
- nvidia-graphics-drivers 460.32.03-1 (bug #979670)
- [buster] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
+ [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
[stretch] - nvidia-graphics-drivers <not-affected> (R390 not affected)
- nvidia-graphics-drivers-tesla-450 450.102.04-1 (bug #979675)
CVE-2021-1051 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...)
=====================================
data/dla-needed.txt
=====================================
@@ -119,6 +119,10 @@ phpseclib
NOTE: 20220909: Programming language: PHP.
NOTE: 20220909: Note the discussion whether 2.0 is in fact affected by the CVE or not. It looks like it is affected by a small part of it that is best to fix..
--
+pluxml
+ NOTE: 20220913: Programming language: PHP.
+ NOTE: 20220913: Special attention: orphaned package.
+--
poppler (Markus Koschany)
NOTE: 20220904: Programming language: C.
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c1b250545807455d4927c135d3cf4cb0e8fb55bc...36fe0037ab4910aa20ebf936ed13479a6ea964fc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c1b250545807455d4927c135d3cf4cb0e8fb55bc...36fe0037ab4910aa20ebf936ed13479a6ea964fc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220913/0550abe2/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list