[Git][security-tracker-team/security-tracker][master] new gitlab, check-mk issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Feb 16 14:39:03 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eefa0d3d by Moritz Muehlenhoff at 2023-02-16T15:38:30+01:00
new gitlab, check-mk issues
xpdf n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5876,7 +5876,7 @@ CVE-2022-46303
 CVE-2022-46302
 	RESERVED
 CVE-2022-43440 (Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk b ...)
-	TODO: check
+	- check-mk <removed>
 CVE-2021-4314 (It is possible to manipulate the JWT token without the knowledge of th ...)
 	NOT-FOR-US: Zowe
 CVE-2017-20174 (A vulnerability was found in bastianallgeier Kirby Webmentions Plugin  ...)
@@ -19554,9 +19554,9 @@ CVE-2022-45589 (SQL Injection vulnerability in Talend ESB Runtime 7.3.1-R2022-09
 CVE-2022-45588 (XML External Entity (XXE) vulnerability in Talend Remote Engine Gen 2  ...)
 	NOT-FOR-US: Talend
 CVE-2022-45587 (Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpd ...)
-	TODO: check
+	- xpdf <not-affected> (Debian uses poppler, which is not affected)
 CVE-2022-45586 (Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in ...)
-	TODO: check
+	- xpdf <not-affected> (Debian uses poppler, which is not affected)
 CVE-2022-45585
 	RESERVED
 CVE-2022-45584
@@ -31288,7 +31288,7 @@ CVE-2022-3413 (Incorrect authorization during display of Audit Events in GitLab
 CVE-2022-3412
 	RESERVED
 CVE-2022-3411 (A lack of length validation in GitLab CE/EE affecting all versions fro ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2022-3410
 	RESERVED
 CVE-2022-3409 (A vulnerability in bmcweb of OpenBMC Project allows user to cause deni ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eefa0d3df8a63618a38f04bc94ad28f5ba03b009

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eefa0d3df8a63618a38f04bc94ad28f5ba03b009
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230216/7d9fc1af/attachment.htm>

More information about the debian-security-tracker-commits mailing list