[Git][security-tracker-team/security-tracker][master] Note CVE-2022-46871 (libusrsctp) as ignored for buster
Bastien Roucariès (@rouca)
rouca at debian.org
Tue Jul 4 09:02:00 BST 2023
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9b2b839e by Bastien Roucariès at 2023-07-04T08:01:05+00:00
Note CVE-2022-46871 (libusrsctp) as ignored for buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -38986,6 +38986,7 @@ CVE-2022-46872 (An attacker who compromised a content process could have partial
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46872
CVE-2022-46871 (An out of date library (libusrsctp) contained vulnerabilities that cou ...)
{DSA-5355-1 DSA-5322-1 DLA-3324-1 DLA-3275-1}
+ [buster] - libusrsctp <ignored> (Fix too intrusive and risky to to backport for a minor issue)
- libusrsctp 0.9.3.0+20201007-1
- firefox 108.0-1
- firefox-esr 102.7.0esr-1
@@ -38995,6 +38996,7 @@ CVE-2022-46871 (An out of date library (libusrsctp) contained vulnerabilities th
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/#CVE-2022-46871
NOTE: https://bugs.launchpad.net/ubuntu/+source/libusrsctp/+bug/2015448
NOTE: https://github.com/sctplab/usrsctp/commit/939d48f9632d69bf170c7a84514b312b6b42257d (0.9.4.0)
+ NOTE: https://lists.debian.org/debian-lts/2023/06/msg00051.html
CVE-2022-46870 (An Improper Neutralization of Input During Web Page Generation ('Cross ...)
NOT-FOR-US: Apache Zeppelin
CVE-2022-46869
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b2b839e0a84b06c35884aafb86882400d1b9d5e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b2b839e0a84b06c35884aafb86882400d1b9d5e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230704/100ba1be/attachment.htm>
More information about the debian-security-tracker-commits
mailing list