[Git][security-tracker-team/security-tracker][master] 2 commits: lts: CVE-2022-24963/apr n/a on buster

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Tue Feb 7 12:21:45 GMT 2023 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4e31753 by Emilio Pozuelo Monfort at 2023-02-07T13:19:38+01:00
lts: CVE-2022-24963/apr n/a on buster

- - - - -
1ebecfee by Emilio Pozuelo Monfort at 2023-02-07T13:19:38+01:00
lts: add apr-util

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -78770,6 +78770,7 @@ CVE-2022-24964
 	RESERVED
 CVE-2022-24963 (Integer Overflow or Wraparound vulnerability in apr_encode functions o ...)
 	- apr 1.7.2-1
+	[buster] - apr <not-affected> (Vulnerable code introduced later)
 	NOTE: https://lists.apache.org/thread/fw9p6sdncwsjkstwc066vz57xqzfksq9
 	NOTE: http://svn.apache.org/r1904675
 CVE-2022-24962


=====================================
data/dla-needed.txt
=====================================
@@ -23,6 +23,9 @@ apache2 (Lee Garrett)
   NOTE: 20221227: VCS: https://salsa.debian.org/lts-team/packages/apache2.git
   NOTE: 20221227: Special attention: Double check an update! Package is used by many customers and users!.
 --
+apr-util
+  NOTE: 20230207: Programming language: C.
+--
 asterisk (Lee Garrett)
   NOTE: 20221211: Programming language: C.
   NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/asterisk.git



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6e97125283911a2d694ad256427849b929fe4e5f...1ebecfee4f051ec75c6d33c82140ef515c719eaa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6e97125283911a2d694ad256427849b929fe4e5f...1ebecfee4f051ec75c6d33c82140ef515c719eaa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230207/288cc71e/attachment.htm>

More information about the debian-security-tracker-commits mailing list