[Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-29264/coreboot

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 21 07:47:18 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43b487b8 by Salvatore Bonaccorso at 2022-09-21T08:46:45+02:00
Update information for CVE-2022-29264/coreboot

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31825,6 +31825,9 @@ CVE-2022-1351 (Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior
 	NOT-FOR-US: pimcore
 CVE-2022-29264 (An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitra ...)
 	- coreboot <unfixed>
+	NOTE: https://review.coreboot.org/c/coreboot/+/63478
+	NOTE: Introduced by: https://github.com/coreboot/coreboot/commit/afb7a814783cda12f5b72167163b9109ee1d15a7 (4.13)
+	NOTE: Fixed by: https://github.com/coreboot/coreboot/commit/d7c371619a287a3a74e23fc3fcff4793a12deba6 (4.17)
 CVE-2022-28719 (Missing authentication for critical function in AssetView prior to Ver ...)
 	NOT-FOR-US: AssetView
 CVE-2022-1350 (A vulnerability classified as problematic was found in GhostPCL 9.55.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43b487b867505d2d9aa272f8d4e060f36e374c5d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43b487b867505d2d9aa272f8d4e060f36e374c5d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220921/634b84d4/attachment.htm>


More information about the debian-security-tracker-commits mailing list