[Git][security-tracker-team/security-tracker][master] Mark CVE-2022-29264/coreboot as unimportant

Wed Sep 21 10:49:59 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ef454f88 by Salvatore Bonaccorso at 2022-09-21T11:49:24+02:00
Mark CVE-2022-29264/coreboot as unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31994,10 +31994,11 @@ CVE-2022-1352 (Due to an insecure direct object reference vulnerability in Gitla
 CVE-2022-1351 (Stored XSS in Tooltip in GitHub repository pimcore/pimcore prior to 10 ...)
 	NOT-FOR-US: pimcore
 CVE-2022-29264 (An issue was discovered in coreboot 4.13 through 4.16. On APs, arbitra ...)
-	- coreboot <unfixed>
+	- coreboot <unfixed> (unimportant)
 	NOTE: https://review.coreboot.org/c/coreboot/+/63478
 	NOTE: Introduced by: https://github.com/coreboot/coreboot/commit/afb7a814783cda12f5b72167163b9109ee1d15a7 (4.13)
 	NOTE: Fixed by: https://github.com/coreboot/coreboot/commit/d7c371619a287a3a74e23fc3fcff4793a12deba6 (4.17)
+	NOTE: src:coreutils builds only the utilities
 CVE-2022-28719 (Missing authentication for critical function in AssetView prior to Ver ...)
 	NOT-FOR-US: AssetView
 CVE-2022-1350 (A vulnerability classified as problematic was found in GhostPCL 9.55.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef454f88112cd45283e378cbaefda9d77d0d0b23

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ef454f88112cd45283e378cbaefda9d77d0d0b23
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220921/e52a379a/attachment-0001.htm>
