[Git][security-tracker-team/security-tracker][master] new leptonlib issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Sep 13 12:18:13 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
96ad99b3 by Moritz Muehlenhoff at 2022-09-13T13:17:59+02:00
new leptonlib issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5862,9 +5862,9 @@ CVE-2022-38301
 CVE-2022-38300
 	RESERVED
 CVE-2022-38299 (An issue in the Elasticsearch plugin of Appsmith v1.7.11 allows attack ...)
-	TODO: check
+	NOT-FOR-US: Appsmith
 CVE-2022-38298 (Appsmith v1.7.11 was discovered to allow attackers to execute an authe ...)
-	TODO: check
+	NOT-FOR-US: Appsmith
 CVE-2022-38297 (UCMS v1.6.0 contains an authentication bypass vulnerability which is e ...)
 	NOT-FOR-US: UCMS
 CVE-2022-38296 (Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vuln ...)
@@ -5928,7 +5928,10 @@ CVE-2022-38268 (School Activity Updates with SMS Notification v1.0 was discovere
 CVE-2022-38267 (School Activity Updates with SMS Notification v1.0 was discovered to c ...)
 	NOT-FOR-US: School Activity Updates with SMS Notification
 CVE-2022-38266 (An issue in the Leptonica linked library (v1.79.0) in Tesseract v5.0.0 ...)
-	TODO: check
+	- leptonlib 1.82.0-1
+	[bullseye] - leptonlib <no-dsa> (Minor issue)
+	NOTE: https://github.com/DanBloomberg/leptonica/commit/f062b42c0ea8dddebdc6a152fd16152de215d614
+	NOTE: https://github.com/tesseract-ocr/tesseract/issues/3498
 CVE-2022-38265 (Apartment Visitor Management System v1.0 was discovered to contain a S ...)
 	NOT-FOR-US: Apartment Visitor Management System
 CVE-2022-38264



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96ad99b325b25f6dbaba242d0fd2e4b03a364bdb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96ad99b325b25f6dbaba242d0fd2e4b03a364bdb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220913/d4628533/attachment.htm>

More information about the debian-security-tracker-commits mailing list