[Git][security-tracker-team/security-tracker][master] new openbabel issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jul 23 09:44:01 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
19757f0c by Moritz Muehlenhoff at 2023-07-23T10:43:35+02:00
new openbabel issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43887,21 +43887,29 @@ CVE-2022-46305 (ChangingTec ServiSign component has a path traversal vulnerabili
 CVE-2022-46304 (ChangingTec ServiSign component has insufficient filtering for special ...)
 	NOT-FOR-US: ChangingTec ServiSign
 CVE-2022-46295 (Multiple out-of-bounds write vulnerabilities exist in the translationV ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666
 CVE-2022-46294 (Multiple out-of-bounds write vulnerabilities exist in the translationV ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666
 CVE-2022-46293 (Multiple out-of-bounds write vulnerabilities exist in the translationV ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666
 CVE-2022-46292 (Multiple out-of-bounds write vulnerabilities exist in the translationV ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666
 CVE-2022-46291 (Multiple out-of-bounds write vulnerabilities exist in the translationV ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1666
 CVE-2022-46290 (Multiple out-of-bounds write vulnerabilities exist in the ORCA format  ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1665
 CVE-2022-46289 (Multiple out-of-bounds write vulnerabilities exist in the ORCA format  ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1665
 CVE-2022-46280 (A use of uninitialized pointer vulnerability exists in the PQS format  ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1670
 CVE-2022-46278
 	RESERVED
 CVE-2022-46277
@@ -43939,7 +43947,8 @@ CVE-2022-44615
 CVE-2022-44453
 	RESERVED
 CVE-2022-44451 (A use of uninitialized pointer vulnerability exists in the MSI format  ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1669
 CVE-2022-43664 (A use-after-free vulnerability exists within the way Ichitaro Word Pro ...)
 	NOT-FOR-US: Ichitaro
 CVE-2022-43663 (An integer conversion vulnerability exists in the SORBAx64.dll RecvPac ...)
@@ -43947,9 +43956,11 @@ CVE-2022-43663 (An integer conversion vulnerability exists in the SORBAx64.dll R
 CVE-2022-43503
 	REJECTED
 CVE-2022-43467 (An out-of-bounds write vulnerability exists in the PQS format coord_fi ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1671
 CVE-2022-42885 (A use of uninitialized pointer vulnerability exists in the GRO format  ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1668
 CVE-2022-42489
 	RESERVED
 CVE-2022-4201 (A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6,  ...)
@@ -44031,7 +44042,8 @@ CVE-2022-4180 (Use after free in Mojo in Google Chrome prior to 108.0.5359.71 al
 CVE-2022-41795
 	RESERVED
 CVE-2022-41793 (An out-of-bounds write vulnerability exists in the CSR format title fu ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1667
 CVE-2022-4179 (Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowe ...)
 	{DSA-5293-1}
 	- chromium 108.0.5359.71-1
@@ -44070,7 +44082,8 @@ CVE-2022-4172 (An integer overflow and buffer overflow issues were found in the
 CVE-2022-40973
 	RESERVED
 CVE-2022-37331 (An out-of-bounds write vulnerability exists in the Gaussian format ori ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1672
 CVE-2022-46265 (A vulnerability has been identified in Polarion ALM (All versions < V2 ...)
 	NOT-FOR-US: Siemens
 CVE-2022-46264
@@ -54181,7 +54194,8 @@ CVE-2022-3649 (A vulnerability was found in Linux Kernel. It has been classified
 	[bullseye] - linux 5.10.148-1
 	NOTE: https://git.kernel.org/linus/d325dc6eb763c10f591c239550b8c7e5466a5d09
 CVE-2022-43607 (An out-of-bounds write vulnerability exists in the MOL2 format attribu ...)
-	TODO: check
+	- openbabel <unfixed>
+	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1664
 CVE-2022-43606 (A use-of-uninitialized-pointer vulnerability exists in the Forward Ope ...)
 	NOT-FOR-US: EIP Stack Group OpENer
 CVE-2022-43605 (An out-of-bounds write vulnerability exists in the SetAttributeList at ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19757f0c18f2b0bab5a68d229be7cb7170d73733

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19757f0c18f2b0bab5a68d229be7cb7170d73733
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230723/64a6baaa/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list