[Git][security-tracker-team/security-tracker][master] Add CVE-2022-3611{3,4}/cargo

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Sep 16 15:36:05 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb6225ff by Salvatore Bonaccorso at 2022-09-16T16:35:25+02:00
Add CVE-2022-3611{3,4}/cargo

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11885,9 +11885,19 @@ CVE-2022-36116 (An issue was discovered in Blue Prism Enterprise 6.0 through 7.0
 CVE-2022-36115 (An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In  ...)
 	NOT-FOR-US: Blue Prism Enterprise
 CVE-2022-36114 (Cargo is a package manager for the rust programming language. It was d ...)
-	TODO: check
+	- cargo <unfixed>
+	[bullseye] - cargo <no-dsa> (Minor issue)
+	- rust-cargo <unfixed>
+	[bullseye] - rust-cargo <no-dsa> (Minor issue)
+	NOTE: https://github.com/rust-lang/cargo/security/advisories/GHSA-2hvr-h6gw-qrxp
+	NOTE: https://github.com/rust-lang/cargo/commit/d1f9553c825f6d7481453be8d58d0e7f117988a7
 CVE-2022-36113 (Cargo is a package manager for the rust programming language. After a  ...)
-	TODO: check
+	- cargo <unfixed>
+	[bullseye] - cargo <no-dsa> (Minor issue)
+	- rust-cargo <unfixed>
+	[bullseye] - rust-cargo <no-dsa> (Minor issue)
+	NOTE: https://github.com/rust-lang/cargo/security/advisories/GHSA-rfj2-q3h3-hm5j
+	NOTE: https://github.com/rust-lang/cargo/commit/97b80919e404b0768ea31ae329c3b4da54bed05a
 CVE-2022-36112 (GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free  ...)
 	- glpi <removed> (unimportant)
 	NOTE: Only supported behind an authenticated HTTP zone



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6225ff7df0198ea80af1ae4165d6a06addbe59

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb6225ff7df0198ea80af1ae4165d6a06addbe59
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220916/8d7d2ce5/attachment.htm>


More information about the debian-security-tracker-commits mailing list