[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Sep 17 21:10:29 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a2fb283 by security tracker role at 2022-09-17T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2022-40763
+	RESERVED
+CVE-2022-3235
+	RESERVED
 CVE-2022-40762 (A Memory Allocation with Excessive Size Value vulnerablity in the TEE_ ...)
 	NOT-FOR-US: Samsung mTower
 CVE-2022-40761 (The function tee_obj_free in Samsung mTower through 0.3.0 allows a tru ...)
@@ -45,8 +49,8 @@ CVE-2022-3233
 	RESERVED
 CVE-2022-3232
 	RESERVED
-CVE-2022-3231
-	RESERVED
+CVE-2022-3231 (Cross-site Scripting (XSS) - Stored in GitHub repository librenms/libr ...)
+	TODO: check
 CVE-2022-3230
 	RESERVED
 CVE-2022-3229
@@ -1902,8 +1906,8 @@ CVE-2022-39962
 	RESERVED
 CVE-2022-39961
 	RESERVED
-CVE-2022-39960
-	RESERVED
+CVE-2022-39960 (The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not ...)
+	TODO: check
 CVE-2022-3135
 	RESERVED
 CVE-2022-3134 (Use After Free in GitHub repository vim/vim prior to 9.0.0389. ...)
@@ -21745,7 +21749,7 @@ CVE-2022-32295 (On Ampere Altra and AltraMax devices before SRP 1.09, the Altra
 CVE-2022-32294 (Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-l ...)
 	NOT-FOR-US: Zimbra
 CVE-2022-32293 (In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HT ...)
-	{DLA-3105-1}
+	{DSA-5231-1 DLA-3105-1}
 	- connman 1.41-2 (bug #1016976)
 	NOTE: https://lore.kernel.org/connman/20220801080043.4861-1-wagi@monom.org/
 	NOTE: https://lore.kernel.org/connman/20220801080043.4861-3-wagi@monom.org/
@@ -21753,7 +21757,7 @@ CVE-2022-32293 (In ConnMan through 1.41, a man-in-the-middle attack against a WI
 	NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757c
 	NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a
 CVE-2022-32292 (In ConnMan through 1.41, remote attackers able to send HTTP requests t ...)
-	{DLA-3105-1}
+	{DSA-5231-1 DLA-3105-1}
 	- connman 1.41-2 (bug #1016976)
 	NOTE: https://lore.kernel.org/connman/20220801080043.4861-5-wagi@monom.org/
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1200189
@@ -50270,7 +50274,7 @@ CVE-2022-23100 (OX App Suite through 7.10.6 allows OS Command Injection via Docu
 CVE-2022-23099 (OX App Suite through 7.10.6 allows XSS by forcing block-wise read. ...)
 	NOT-FOR-US: OX App Suite
 CVE-2022-23098 (An issue was discovered in the DNS proxy in Connman through 1.40. The  ...)
-	{DLA-2915-1}
+	{DSA-5231-1 DLA-2915-1}
 	- connman 1.36-2.4 (bug #1004935)
 	[buster] - connman <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/01/25/1
@@ -50278,14 +50282,14 @@ CVE-2022-23098 (An issue was discovered in the DNS proxy in Connman through 1.40
 	NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d8708b85c1e8fe25af7803e8a20cf20e7201d8a4
 	NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c34313a196515c80fe78a2862ad78174b985be5
 CVE-2022-23097 (An issue was discovered in the DNS proxy in Connman through 1.40. forw ...)
-	{DLA-2915-1}
+	{DSA-5231-1 DLA-2915-1}
 	- connman 1.36-2.4 (bug #1004935)
 	[buster] - connman <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/01/25/1
 	NOTE: https://lore.kernel.org/connman/20220125090026.5108-1-wagi@monom.org/
 	NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e5a313736e13c90d19085e953a26256a198e4950
 CVE-2022-23096 (An issue was discovered in the DNS proxy in Connman through 1.40. The  ...)
-	{DLA-2915-1}
+	{DSA-5231-1 DLA-2915-1}
 	- connman 1.36-2.4 (bug #1004935)
 	[buster] - connman <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/01/25/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2fb283d3e9164c92cdf6e534f97ddc850c1307

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2fb283d3e9164c92cdf6e534f97ddc850c1307
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220917/325dea81/attachment.htm>


More information about the debian-security-tracker-commits mailing list