[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Sep 17 21:10:29 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0a2fb283 by security tracker role at 2022-09-17T20:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2022-40763
+ RESERVED
+CVE-2022-3235
+ RESERVED
CVE-2022-40762 (A Memory Allocation with Excessive Size Value vulnerablity in the TEE_ ...)
NOT-FOR-US: Samsung mTower
CVE-2022-40761 (The function tee_obj_free in Samsung mTower through 0.3.0 allows a tru ...)
@@ -45,8 +49,8 @@ CVE-2022-3233
RESERVED
CVE-2022-3232
RESERVED
-CVE-2022-3231
- RESERVED
+CVE-2022-3231 (Cross-site Scripting (XSS) - Stored in GitHub repository librenms/libr ...)
+ TODO: check
CVE-2022-3230
RESERVED
CVE-2022-3229
@@ -1902,8 +1906,8 @@ CVE-2022-39962
RESERVED
CVE-2022-39961
RESERVED
-CVE-2022-39960
- RESERVED
+CVE-2022-39960 (The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not ...)
+ TODO: check
CVE-2022-3135
RESERVED
CVE-2022-3134 (Use After Free in GitHub repository vim/vim prior to 9.0.0389. ...)
@@ -21745,7 +21749,7 @@ CVE-2022-32295 (On Ampere Altra and AltraMax devices before SRP 1.09, the Altra
CVE-2022-32294 (Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-l ...)
NOT-FOR-US: Zimbra
CVE-2022-32293 (In ConnMan through 1.41, a man-in-the-middle attack against a WISPR HT ...)
- {DLA-3105-1}
+ {DSA-5231-1 DLA-3105-1}
- connman 1.41-2 (bug #1016976)
NOTE: https://lore.kernel.org/connman/20220801080043.4861-1-wagi@monom.org/
NOTE: https://lore.kernel.org/connman/20220801080043.4861-3-wagi@monom.org/
@@ -21753,7 +21757,7 @@ CVE-2022-32293 (In ConnMan through 1.41, a man-in-the-middle attack against a WI
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757c
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a
CVE-2022-32292 (In ConnMan through 1.41, remote attackers able to send HTTP requests t ...)
- {DLA-3105-1}
+ {DSA-5231-1 DLA-3105-1}
- connman 1.41-2 (bug #1016976)
NOTE: https://lore.kernel.org/connman/20220801080043.4861-5-wagi@monom.org/
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1200189
@@ -50270,7 +50274,7 @@ CVE-2022-23100 (OX App Suite through 7.10.6 allows OS Command Injection via Docu
CVE-2022-23099 (OX App Suite through 7.10.6 allows XSS by forcing block-wise read. ...)
NOT-FOR-US: OX App Suite
CVE-2022-23098 (An issue was discovered in the DNS proxy in Connman through 1.40. The ...)
- {DLA-2915-1}
+ {DSA-5231-1 DLA-2915-1}
- connman 1.36-2.4 (bug #1004935)
[buster] - connman <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/25/1
@@ -50278,14 +50282,14 @@ CVE-2022-23098 (An issue was discovered in the DNS proxy in Connman through 1.40
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d8708b85c1e8fe25af7803e8a20cf20e7201d8a4
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c34313a196515c80fe78a2862ad78174b985be5
CVE-2022-23097 (An issue was discovered in the DNS proxy in Connman through 1.40. forw ...)
- {DLA-2915-1}
+ {DSA-5231-1 DLA-2915-1}
- connman 1.36-2.4 (bug #1004935)
[buster] - connman <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/25/1
NOTE: https://lore.kernel.org/connman/20220125090026.5108-1-wagi@monom.org/
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e5a313736e13c90d19085e953a26256a198e4950
CVE-2022-23096 (An issue was discovered in the DNS proxy in Connman through 1.40. The ...)
- {DLA-2915-1}
+ {DSA-5231-1 DLA-2915-1}
- connman 1.36-2.4 (bug #1004935)
[buster] - connman <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/25/1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2fb283d3e9164c92cdf6e534f97ddc850c1307
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a2fb283d3e9164c92cdf6e534f97ddc850c1307
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220917/325dea81/attachment.htm>
More information about the debian-security-tracker-commits
mailing list