[Git][security-tracker-team/security-tracker][master] 2 commits: Pinpoint upstream tag introducing issue for CVE-2022-48338

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7a4cea97 by Salvatore Bonaccorso at 2023-02-26T15:08:47+01:00
Pinpoint upstream tag introducing issue for CVE-2022-48338

- - - - -
055fe529 by Salvatore Bonaccorso at 2023-02-26T15:08:47+01:00
Prefix fixing commits reference

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -953,19 +953,19 @@ CVE-2022-48331
 CVE-2022-48339 (An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has  ...)
 	{DSA-5360-1}
 	- emacs 1:28.2+1-11 (bug #1031730)
-	NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c
+	NOTE: Fixed by: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c
 	NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60295
 CVE-2022-48338 (An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, th ...)
 	{DSA-5360-1}
 	- emacs 1:28.2+1-11 (bug #1031730)
 	[buster] - emacs <not-affected> (Vulnerable code introduced later)
-	NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c
 	NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60268
-	NOTE: Introduced by: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=27f5627104a073762c3b1d21e55822ec2d2e0347 (27.1)
+	NOTE: Introduced by: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=27f5627104a073762c3b1d21e55822ec2d2e0347 (emacs-27.0.90)
+	NOTE: Fixed by: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c
 CVE-2022-48337 (GNU Emacs through 28.2 allows attackers to execute commands via shell  ...)
 	{DSA-5360-1}
 	- emacs 1:28.2+1-11 (bug #1031730)
-	NOTE: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c
+	NOTE: Fixed by: https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c
 	NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=59817
 CVE-2023-26213
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6e6feb8bc4931f8841732b76c6e31a8a60ed1361...055fe5293e11e02a87c79e2575af3302db5f9483

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6e6feb8bc4931f8841732b76c6e31a8a60ed1361...055fe5293e11e02a87c79e2575af3302db5f9483
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230226/8e444dd3/attachment.htm>