[Git][security-tracker-team/security-tracker][master] Move listing of CVE-2022-3970, CVE-2022-3626 and CVE-2022-3598 to DSA-5333-1 entry

Thu Feb 23 10:10:28 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a173a3c by Salvatore Bonaccorso at 2023-02-23T11:00:14+01:00
Move listing of CVE-2022-3970, CVE-2022-3626 and CVE-2022-3598 to DSA-5333-1 entry

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22558,7 +22558,6 @@ CVE-2022-3971 (A vulnerability was found in matrix-appservice-irc up to 0.35.1.
 CVE-2022-3970 (A vulnerability was found in LibTIFF. It has been classified as critic ...)
 	{DLA-3278-1}
 	- tiff 4.4.0-6 (bug #1024737)
-	[bullseye] - tiff 4.2.0-1+deb11u3
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
 	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be
 	NOTE: https://oss-fuzz.com/download?testcase_id=5738253143900160
@@ -30042,7 +30041,6 @@ CVE-2022-3627 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtif
 CVE-2022-3626 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif ...)
 	{DLA-3278-1}
 	- tiff 4.4.0-5 (bug #1022555)
-	[bullseye] - tiff 4.2.0-1+deb11u3
 	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/426
 CVE-2022-3625 (A vulnerability was found in Linux Kernel. It has been classified as c ...)
@@ -30134,7 +30132,6 @@ CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in
 CVE-2022-3598 (LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifte ...)
 	{DLA-3278-1}
 	- tiff 4.4.0-5 (bug #1022555)
-	[bullseye] - tiff 4.2.0-1+deb11u3
 	NOTE: https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff (v4.5.0rc1)
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/435
 CVE-2022-3597 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif ...)


=====================================
data/DSA/list
=====================================
@@ -74,7 +74,7 @@
 	{CVE-2022-45060}
 	[bullseye] - varnish 6.5.1-1+deb11u3
 [29 Jan 2023] DSA-5333-1 tiff - security update
-	{CVE-2022-1354 CVE-2022-1355 CVE-2022-1622 CVE-2022-1623 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-3570 CVE-2022-3597 CVE-2022-3599 CVE-2022-3627 CVE-2022-3636 CVE-2022-34526 CVE-2022-48281}
+	{CVE-2022-1354 CVE-2022-1355 CVE-2022-1622 CVE-2022-1623 CVE-2022-2056 CVE-2022-2057 CVE-2022-2058 CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-3570 CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627 CVE-2022-3636 CVE-2022-3970 CVE-2022-34526 CVE-2022-48281}
 	[bullseye] - tiff 4.2.0-1+deb11u3
 [29 Jan 2023] DSA-5332-1 git - security update
 	{CVE-2022-23521 CVE-2022-24765 CVE-2022-29187 CVE-2022-39253 CVE-2022-39260 CVE-2022-41903}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a173a3cb8452bfb8abfe451b653efdecf611062

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a173a3cb8452bfb8abfe451b653efdecf611062
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230223/5d0b5d5b/attachment.htm>
