[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for tcpreplay issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 22 20:25:32 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c2a708e by Salvatore Bonaccorso at 2022-09-22T20:26:23+02:00
Track fixed version via unstable for tcpreplay issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10757,16 +10757,16 @@ CVE-2022-37051
 CVE-2022-37050
 	RESERVED
 CVE-2022-37049 (The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a  ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/736
 	NOTE: https://github.com/appneta/tcpreplay/issues/718
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-37048 (The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/735
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-37047 (The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/734
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-37046
@@ -34474,7 +34474,7 @@ CVE-2022-28489
 CVE-2022-28488 (The function wav_format_write in libwav.c in libwav through 2017-04-20 ...)
 	NOT-FOR-US: libwav
 CVE-2022-28487 (Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_che ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/723
 	NOTE: https://github.com/appneta/tcpreplay/pull/720
 	NOTE: Crash in CLI tool, no security impact
@@ -36250,19 +36250,19 @@ CVE-2022-27943 (libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumpti
 	NOTE: Negligible security impact
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105039
 CVE-2022-27942 (tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_ ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/719
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-27941 (tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/716
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-27940 (tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/718
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-27939 (tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_ ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/717
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-27938 (stb_image.h (aka the stb image loader) 2.19, as used in libsixel and o ...)
@@ -43135,7 +43135,7 @@ CVE-2022-25486 (CuppaCMS v1.0 was discovered to contain a local file inclusion v
 CVE-2022-25485 (CuppaCMS v1.0 was discovered to contain a local file inclusion via the ...)
 	NOT-FOR-US: CuppaCMS
 CVE-2022-25484 (tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in pac ...)
-	- tcpreplay <unfixed> (unimportant; bug #1018057)
+	- tcpreplay 4.4.2-1 (unimportant; bug #1018057)
 	NOTE: https://github.com/appneta/tcpreplay/issues/715
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-25483



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c2a708e5e502d860af678a8000d7dcff5c8a876

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c2a708e5e502d860af678a8000d7dcff5c8a876
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220922/03bb0bc0/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list