[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Apr 25 20:02:51 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6b2ad6fb by Moritz Mühlenhoff at 2023-04-25T21:02:32+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -58193,7 +58193,7 @@ CVE-2022-37408
CVE-2022-37343
RESERVED
CVE-2022-36788 (A heap-based buffer overflow vulnerability exists in the TriangleMesh ...)
- - slic3r <unfixed>
+ - slic3r <unfixed> (bug #1034848)
[buster] - slic3r <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1593
CVE-2022-36420
@@ -116436,17 +116436,17 @@ CVE-2021-43520
CVE-2021-43519 (Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 a ...)
- lua5.4 5.4.4-1 (bug #1000228)
[bullseye] - lua5.4 <no-dsa> (Minor issue)
- - lua5.3 <unfixed>
+ - lua5.3 <unfixed> (bug #1034847)
[bookworm] - lua5.3 <ignored> (Minor issue)
[bullseye] - lua5.3 <ignored> (Minor issue)
[buster] - lua5.3 <no-dsa> (Minor issue)
[stretch] - lua5.3 <no-dsa> (Minor issue)
- - lua5.2 <unfixed>
+ - lua5.2 <unfixed> (bug #1034846)
[bookworm] - lua5.2 <ignored> (Minor issue)
[bullseye] - lua5.2 <ignored> (Minor issue)
[buster] - lua5.2 <no-dsa> (Minor issue)
[stretch] - lua5.2 <no-dsa> (Minor issue)
- - lua5.1 <unfixed>
+ - lua5.1 <unfixed> (bug #1034845)
[bookworm] - lua5.1 <ignored> (Minor issue)
[bullseye] - lua5.1 <ignored> (Minor issue)
[buster] - lua5.1 <no-dsa> (Minor issue)
@@ -121133,10 +121133,10 @@ CVE-2021-42522 (There is a Information Disclosure vulnerability in anjuta/plugin
CVE-2021-42521 (There is a NULL pointer dereference vulnerability in VTK before 9.2.5, ...)
- vtk9 <unfixed> (bug #1031877)
[bullseye] - vtk9 <no-dsa> (Minor issue)
- - vtk7 <unfixed>
+ - vtk7 <unfixed> (bug #1034844)
[bullseye] - vtk7 <no-dsa> (Minor issue)
[buster] - vtk7 <no-dsa> (Minor issue)
- - vtk6 <unfixed>
+ - vtk6 <unfixed> (bug #1034843)
[bullseye] - vtk6 <no-dsa> (Minor issue)
[buster] - vtk6 <no-dsa> (Minor issue)
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/17818
@@ -123182,7 +123182,7 @@ CVE-2021-41805 (HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11,
CVE-2021-41804
RESERVED
CVE-2021-41803 (HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not properl ...)
- - consul <unfixed>
+ - consul <unfixed> (bug #1034841)
NOTE: https://discuss.hashicorp.com/t/hcsec-2022-19-consul-auto-config-jwt-authorization-missing-input-validation/44627
CVE-2021-41802 (HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a ...)
NOT-FOR-US: HashiCorp Vault
@@ -157891,7 +157891,7 @@ CVE-2021-28237 (LibreDWG v0.12.3 was discovered to contain a heap-buffer overflo
CVE-2021-28236 (LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference ...)
- libredwg <itp> (bug #595191)
CVE-2021-28235 (Authentication vulnerability found in Etcd-io v.3.4.10 allows remote a ...)
- - etcd <unfixed>
+ - etcd <unfixed> (bug #1034840)
[buster] - etcd <no-dsa> (Minor issue; only when debug is enabled)
NOTE: https://github.com/etcd-io/etcd/pull/15648
NOTE: https://github.com/etcd-io/etcd/pull/15655
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b2ad6fb4bd18c40a906deacebcfbb41dfb10b5d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b2ad6fb4bd18c40a906deacebcfbb41dfb10b5d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230425/0e249670/attachment.htm>
More information about the debian-security-tracker-commits
mailing list