[Git][security-tracker-team/security-tracker][master] 2 commits: Adjust upstream commit reference according to pull request and commit for netatalk

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 10 14:16:09 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
875ef7ef by Salvatore Bonaccorso at 2023-04-10T15:14:31+02:00
Adjust upstream commit reference according to pull request and commit for netatalk

- - - - -
903f9de3 by Salvatore Bonaccorso at 2023-04-10T15:15:35+02:00
Add commit reference for CVE-2022-45188

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34330,6 +34330,7 @@ CVE-2022-45189
 CVE-2022-45188 (Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow  ...)
 	- netatalk <unfixed> (bug #1024021)
 	NOTE: https://rushbnt.github.io/bug%20analysis/netatalk-0day/
+	NOTE: https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925
 CVE-2022-45187
 	RESERVED
 CVE-2022-45186
@@ -41221,7 +41222,7 @@ CVE-2022-43634 (This vulnerability allows remote attackers to execute arbitrary
 	NOTE: https://github.com/Netatalk/Netatalk/pull/186
 	NOTE: https://github.com/advisories/GHSA-fwj9-7qq8-jc93
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-094/
-	NOTE: https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925
+	NOTE: https://github.com/Netatalk/netatalk/commit/5fcb4ab02aced14484310165b3d754bb2f0820ca
 CVE-2022-43633 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
 	NOT-FOR-US: D-Link
 CVE-2022-43632 (This vulnerability allows network-adjacent attackers to execute arbitr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd7db7e9e0ecf67ca5b9e9dda81ed36f7866a059...903f9de3478c42f69db04cdb2f3295acc6307428

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd7db7e9e0ecf67ca5b9e9dda81ed36f7866a059...903f9de3478c42f69db04cdb2f3295acc6307428
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230410/1f759c59/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list