[Git][security-tracker-team/security-tracker][master] "new" chromium issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Aug 1 13:12:38 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b2b63a0 by Moritz Mühlenhoff at 2023-08-01T14:12:03+02:00
"new" chromium issues

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26724,19 +26724,36 @@ CVE-2022-4919 (Use after free in Base Internals in Google Chrome prior to 101.0.
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-4918 (Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a ...)
-	TODO: check
+	{DSA-5148-1}
+	- chromium 102.0.5005.61-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
+	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-4917 (Incorrect security UI in Notifications in Google Chrome on Android pri ...)
-	TODO: check
+	{DSA-5168-1}
+	- chromium 103.0.5060.53-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
+	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-4916 (Use after free in Media in Google Chrome prior to 103.0.5060.53 allowe ...)
-	TODO: check
+	{DSA-5168-1}
+	- chromium 103.0.5060.53-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
+	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-4915 (Inappropriate implementation in URL Formatting in Google Chrome prior  ...)
-	TODO: check
+	{DSA-5187-1}
+	- chromium 103.0.5060.134-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4914 (Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5 ...)
-	TODO: check
+	{DSA-5201-1}
+	- chromium 104.0.5112.79-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4913 (Inappropriate implementation in Extensions in Google Chrome prior to 1 ...)
-	TODO: check
+	{DSA-5223-1}
+	- chromium 105.0.5195.52-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4912 (Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allow ...)
-	TODO: check
+	{DSA-5223-1}
+	- chromium 105.0.5195.52-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-4911 (Insufficient data validation in DevTools in Google Chrome prior to 106 ...)
 	TODO: check
 CVE-2022-4910 (Inappropriate implementation in Autofill in Google Chrome prior to 107 ...)


=====================================
data/DSA/list
=====================================
@@ -752,7 +752,7 @@
 	{CVE-2022-27337 CVE-2022-38784}
 	[bullseye] - poppler 20.09.0-3.1+deb11u1
 [01 Sep 2022] DSA-5223-1 chromium - security update
-	{CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042 CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046 CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 CVE-2022-3050 CVE-2022-3051 CVE-2022-3052 CVE-2022-3053 CVE-2022-3054 CVE-2022-3055 CVE-2022-3056 CVE-2022-3057 CVE-2022-3058 CVE-2022-3071}
+	{CVE-2022-3038 CVE-2022-3039 CVE-2022-3040 CVE-2022-3041 CVE-2022-3042 CVE-2022-3043 CVE-2022-3044 CVE-2022-3045 CVE-2022-3046 CVE-2022-3047 CVE-2022-3048 CVE-2022-3049 CVE-2022-3050 CVE-2022-3051 CVE-2022-3052 CVE-2022-3053 CVE-2022-3054 CVE-2022-3055 CVE-2022-3056 CVE-2022-3057 CVE-2022-3058 CVE-2022-3071 CVE-2022-4912 CVE-2022-4913}
 	[bullseye] - chromium 105.0.5195.52-1~deb11u1
 [30 Aug 2022] DSA-5222-1 dpdk - security update
 	{CVE-2022-2132 CVE-2022-28199}
@@ -818,7 +818,7 @@
 	{CVE-2022-0529 CVE-2022-0530}
 	[bullseye] - unzip 6.0-26+deb11u1
 [07 Aug 2022] DSA-5201-1 chromium - security update
-	{CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612 CVE-2022-2613 CVE-2022-2614 CVE-2022-2615 CVE-2022-2616 CVE-2022-2617 CVE-2022-2618 CVE-2022-2619 CVE-2022-2620 CVE-2022-2621 CVE-2022-2622 CVE-2022-2623 CVE-2022-2624 CVE-2022-2742 CVE-2022-2743}
+	{CVE-2022-2603 CVE-2022-2604 CVE-2022-2605 CVE-2022-2606 CVE-2022-2607 CVE-2022-2608 CVE-2022-2609 CVE-2022-2610 CVE-2022-2611 CVE-2022-2612 CVE-2022-2613 CVE-2022-2614 CVE-2022-2615 CVE-2022-2616 CVE-2022-2617 CVE-2022-2618 CVE-2022-2619 CVE-2022-2620 CVE-2022-2621 CVE-2022-2622 CVE-2022-2623 CVE-2022-2624 CVE-2022-2742 CVE-2022-2743 CVE-2022-4914}
 	[bullseye] - chromium 104.0.5112.79-1~deb11u1
 [07 Aug 2022] DSA-5200-1 libtirpc - security update
 	{CVE-2021-46828}
@@ -867,7 +867,7 @@
 	[buster] - openjdk-11 11.0.16+8-1~deb10u1
 	[bullseye] - openjdk-11 11.0.16+8-1~deb11u1
 [22 Jul 2022] DSA-5187-1 chromium - security update
-	{CVE-2022-2163 CVE-2022-2477 CVE-2022-2478 CVE-2022-2479 CVE-2022-2480 CVE-2022-2481}
+	{CVE-2022-2163 CVE-2022-2477 CVE-2022-2478 CVE-2022-2479 CVE-2022-2480 CVE-2022-2481 CVE-2022-4915}
 	[bullseye] - chromium 103.0.5060.134-1~deb11u1
 [22 Jul 2022] DSA-5186-1 djangorestframework - security update
 	{CVE-2020-25626 CVE-2018-25045}
@@ -934,7 +934,7 @@
 	[buster] - openssl 1.1.1n-0+deb10u3
 	[bullseye] - openssl 1.1.1n-0+deb11u3
 [22 Jun 2022] DSA-5168-1 chromium - security update
-	{CVE-2022-2156 CVE-2022-2157 CVE-2022-2158 CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164 CVE-2022-2165 CVE-2022-2415}
+	{CVE-2022-2156 CVE-2022-2157 CVE-2022-2158 CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164 CVE-2022-2165 CVE-2022-2415 CVE-2022-4916 CVE-2022-4917}
 	[bullseye] - chromium 103.0.5060.53-1~deb11u1
 [22 Jun 2022] DSA-5167-1 firejail - security update
 	{CVE-2022-31214}
@@ -1006,7 +1006,7 @@
 	[buster] - cups 2.2.10-6+deb10u6
 	[bullseye] - cups 2.3.3op2-3+deb11u2
 [25 May 2022] DSA-5148-1 chromium - security update
-	{CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866 CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871 CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876}
+	{CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862 CVE-2022-1863 CVE-2022-1864 CVE-2022-1865 CVE-2022-1866 CVE-2022-1867 CVE-2022-1868 CVE-2022-1869 CVE-2022-1870 CVE-2022-1871 CVE-2022-1872 CVE-2022-1873 CVE-2022-1874 CVE-2022-1875 CVE-2022-1876 CVE-2022-4918}
 	[bullseye] - chromium 102.0.5005.61-1~deb11u1
 [25 May 2022] DSA-5147-1 dpkg - security update
 	{CVE-2022-1664}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b2b63a04b9b77cf9e1f5abf5a5965280e3f6370

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b2b63a04b9b77cf9e1f5abf5a5965280e3f6370
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230801/dd6f49ef/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list