[Git][security-tracker-team/security-tracker][master] Process more binutils CVEs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 23 21:38:18 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d965b9f by Salvatore Bonaccorso at 2023-08-23T22:37:49+02:00
Process more binutils CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52495,7 +52495,10 @@ CVE-2022-44842
 CVE-2022-44841
 	RESERVED
 CVE-2022-44840 (Heap buffer overflow vulnerability in binutils readelf before 2.40 via ...)
-	TODO: check
+	- binutils 2.40-2 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29732
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=28750e3b967da2207d51cbce9fc8be262817ee59
+	NOTE: binutils not covered by security support
 CVE-2022-44839
 	RESERVED
 CVE-2022-44838 (Automotive Shop Management System v1.0 was discovered to contain a SQL ...)
@@ -81609,9 +81612,15 @@ CVE-2022-35208
 CVE-2022-35207
 	RESERVED
 CVE-2022-35206 (Null pointer dereference vulnerability in Binutils readelf 2.38.50 via ...)
-	TODO: check
+	- binutils 2.38.50.20220627-1 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29290
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e98e7d9a70dcc987bff0e925f20b78cd4a2979ed
+	NOTE: binutils not covered by security support
 CVE-2022-35205 (An issue was discovered in Binutils readelf 2.38.50, reachable asserti ...)
-	TODO: check
+	- binutils 2.38.50.20220627-1 (unimportant)
+	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=29289
+	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e3e5ae049371a27fd1737aba946fe26d06e029b5
+	NOTE: binutils not covered by security support
 CVE-2022-35204 (Vitejs Vite before v2.9.13 was discovered to allow attackers to perfor ...)
 	NOT-FOR-US: Vitejs Vite
 CVE-2022-35203 (An access control issue in TrendNet TV-IP572PI v1.0 allows unauthentic ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d965b9fbf1d52cd965442496c4d2c3ae1693b17

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d965b9fbf1d52cd965442496c4d2c3ae1693b17
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230823/9c0e9c7f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list