[Git][security-tracker-team/security-tracker][master] 2 commits: Adjust upstream commit reference according to pull request and commit for netatalk
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 10 14:16:09 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
875ef7ef by Salvatore Bonaccorso at 2023-04-10T15:14:31+02:00
Adjust upstream commit reference according to pull request and commit for netatalk
- - - - -
903f9de3 by Salvatore Bonaccorso at 2023-04-10T15:15:35+02:00
Add commit reference for CVE-2022-45188
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34330,6 +34330,7 @@ CVE-2022-45189
CVE-2022-45188 (Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow ...)
- netatalk <unfixed> (bug #1024021)
NOTE: https://rushbnt.github.io/bug%20analysis/netatalk-0day/
+ NOTE: https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925
CVE-2022-45187
RESERVED
CVE-2022-45186
@@ -41221,7 +41222,7 @@ CVE-2022-43634 (This vulnerability allows remote attackers to execute arbitrary
NOTE: https://github.com/Netatalk/Netatalk/pull/186
NOTE: https://github.com/advisories/GHSA-fwj9-7qq8-jc93
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-094/
- NOTE: https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925
+ NOTE: https://github.com/Netatalk/netatalk/commit/5fcb4ab02aced14484310165b3d754bb2f0820ca
CVE-2022-43633 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
NOT-FOR-US: D-Link
CVE-2022-43632 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd7db7e9e0ecf67ca5b9e9dda81ed36f7866a059...903f9de3478c42f69db04cdb2f3295acc6307428
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd7db7e9e0ecf67ca5b9e9dda81ed36f7866a059...903f9de3478c42f69db04cdb2f3295acc6307428
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230410/1f759c59/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list