[Git][security-tracker-team/security-tracker][master] Process some more binutils CVEs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 23 21:10:17 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
145ddb2d by Salvatore Bonaccorso at 2023-08-23T22:09:44+02:00
Process some more binutils CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45768,13 +45768,22 @@ CVE-2022-47011 (An issue was discovered function parse_stab_struct_fields in sta
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8a24927bc8dbf6beac2000593b21235c3796dc35 (binutils-2_39)
 	NOTE: binutils not covered by security support
 CVE-2022-47010 (An issue was discovered function pr_function_type in prdbg.c in Binuti ...)
-	TODO: check
+	- binutils 2.38.50.20220627-1 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29262
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0d02e70b197c786f26175b9a73f94e01d14abdab
+	NOTE: binutils not covered by security support
 CVE-2022-47009
 	RESERVED
 CVE-2022-47008 (An issue was discovered function make_tempdir, and make_tempname in bu ...)
-	TODO: check
+	- binutils 2.38.50.20220627-1 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29255
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d6e1d48c83b165c129cb0aa78905f7ca80a1f682
+	NOTE: binutils not covered by security support
 CVE-2022-47007 (An issue was discovered function stab_demangle_v3_arg in stabs.c in Bi ...)
-	TODO: check
+	- binutils 2.38.50.20220627-1 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29254
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb
+	NOTE: binutils not covered by security support
 CVE-2022-47006
 	RESERVED
 CVE-2022-47005
@@ -49827,7 +49836,10 @@ CVE-2022-45705
 CVE-2022-45704
 	RESERVED
 CVE-2022-45703 (Heap buffer overflow vulnerability in binutils readelf before 2.40 via ...)
-	TODO: check
+	- binutils 2.40-2 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29799
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=69bfd1759db41c8d369f9dcc98a135c5a5d97299
+	NOTE: binutils not covered by security support
 CVE-2022-45702
 	RESERVED
 CVE-2022-45701 (Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/145ddb2da0e8e3c865372ad1a0ceb65306e190da

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/145ddb2da0e8e3c865372ad1a0ceb65306e190da
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230823/a60c8f6b/attachment.htm>

More information about the debian-security-tracker-commits mailing list