[Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2022-36109 as no-dsa for Buster

Mon Sep 26 12:05:50 BST 2022


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f0cd370 by Thorsten Alteholz at 2022-09-26T13:05:23+02:00
mark CVE-2022-36109 as no-dsa for Buster

- - - - -
3a885c21 by Thorsten Alteholz at 2022-09-26T13:05:24+02:00
mark CVE-2022-41322 as no-dsa for Buster

- - - - -
58ad4383 by Thorsten Alteholz at 2022-09-26T13:05:26+02:00
mark CVE-2022-37186 as no-dsa for Buster

- - - - -
52826e1c by Thorsten Alteholz at 2022-09-26T13:05:27+02:00
mark CVE-2022-37797 as no-dsa for Buster

- - - - -
c7c15943 by Thorsten Alteholz at 2022-09-26T13:05:28+02:00
mark CVE-2022-3204 as no-dsa for Buster

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -552,6 +552,7 @@ CVE-2022-3266
 CVE-2022-41322 (In Kitty before 0.26.2, insufficient validation in the desktop notific ...)
 	- kitty <unfixed> (bug #1020582)
 	[bullseye] - kitty <no-dsa> (Minor issue)
+	[buster] - kitty <no-dsa> (Minor issue)
 	NOTE: https://github.com/kovidgoyal/kitty/commit/f05783e64d5fa62e1aed603e8d69aced5e49824f (v0.26.2)
 CVE-2022-41318 [Buffer Over Read in SSPI and SMB Authentication]
 	RESERVED
@@ -2156,6 +2157,7 @@ CVE-2022-3204
 	RESERVED
 	- unbound 1.16.3-1
 	[bullseye] - unbound <no-dsa> (Minor issue)
+	[buster] - unbound <no-dsa> (Minor issue)
 	NOTE: https://www.nlnetlabs.nl/downloads/unbound/CVE-2022-3204.txt
 	NOTE: Fixed by: https://github.com/NLnetLabs/unbound/commit/137719522a8ea5b380fbb6206d2466f402f5b554 (release-1.16.3)
 CVE-2022-3203
@@ -9493,6 +9495,7 @@ CVE-2022-37798 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack over
 CVE-2022-37797 (In lighttpd 1.4.65, mod_wstunnel does not initialize a handler functio ...)
 	- lighttpd 1.4.66-1
 	[bullseye] - lighttpd <no-dsa> (Minor issue)
+	[buster] - lighttpd <no-dsa> (Minor issue)
 	NOTE: https://redmine.lighttpd.net/issues/3165
 	NOTE: https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/971773f1fae600074b46ef64f3ca1f76c227985f (lighttpd-1.4.66)
 CVE-2022-37796 (In Simple Online Book Store System 1.0 in /admin_book.php the Title, A ...)
@@ -11086,6 +11089,7 @@ CVE-2022-37186 [Session destroyed on portal but still valid on handlers]
 	RESERVED
 	- lemonldap-ng 2.0.15+ds-1
 	[bullseye] - lemonldap-ng <no-dsa> (Minor issue; user activity tracking by handles disabled by default)
+	[buster] - lemonldap-ng <no-dsa> (Minor issue; user activity tracking by handles disabled by default)
 	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2758
 	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/59c781b393947663ad3bf26bad0581413dd6fae4 (v2.0.15)
 CVE-2022-37185 (SQL injection vulnerability exists in the school information query int ...)
@@ -13887,6 +13891,7 @@ CVE-2022-36110 (Netmaker makes networks with WireGuard. Prior to version 0.15.1,
 CVE-2022-36109 (Moby is an open-source project created by Docker to enable software co ...)
 	- docker.io <unfixed> (bug #1019601)
 	[bullseye] - docker.io <no-dsa> (Minor issue)
+	[buster] - docker.io <no-dsa> (Minor issue)
 	NOTE: https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4
 	NOTE: https://github.com/moby/moby/commit/de7af816e76a7fd3fbf06bffa6832959289fba32
 CVE-2022-36108 (TYPO3 is an open source PHP based web content management system releas ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ccf87defa3c602d5d574a8b19c2eaca004f40467...c7c15943e35cc62c7d94105ff10ac9ed47437fc5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ccf87defa3c602d5d574a8b19c2eaca004f40467...c7c15943e35cc62c7d94105ff10ac9ed47437fc5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220926/e084e6fd/attachment.htm>
