[Git][security-tracker-team/security-tracker][master] CVE-2022-3715 does not affect buster

Adrian Bunk (@bunk) bunk at debian.org
Sun Jun 4 01:16:05 BST 2023



Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab87f9d5 by Adrian Bunk at 2023-06-04T03:11:38+03:00
CVE-2022-3715 does not affect buster

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46766,9 +46766,10 @@ CVE-2022-3716 (A vulnerability classified as problematic was found in SourceCode
 CVE-2022-3715 (A flaw was found in the bash package, where a heap-buffer overflow can ...)
 	- bash 5.2-1 (bug #1030355)
 	[bullseye] - bash <no-dsa> (Minor issue)
-	[buster] - bash <no-dsa> (Minor issue)
+	[buster] - bash <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2126720
 	NOTE: https://lists.gnu.org/archive/html/bug-bash/2022-08/msg00147.html
+	NOTE: Introduced by: http://git.savannah.gnu.org/cgit/bash.git/commit/?id=bdf37a2d4f0f052ffd15d36de3b3a5d28f357000 (5.1)
 CVE-2022-3714 (A vulnerability classified as critical has been found in SourceCodeste ...)
 	NOT-FOR-US: SourceCodester Online Medicine Ordering System
 CVE-2022-43945 (The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab87f9d5b97a03c73edf2764655a162dc8b4f90f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab87f9d5b97a03c73edf2764655a162dc8b4f90f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230604/9a2b6006/attachment.htm>


More information about the debian-security-tracker-commits mailing list