[Git][security-tracker-team/security-tracker][master] Reference specifically the commits for CVE-2022-43681, CVE-2022-40318 and CVE-2022-40302
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 29 19:45:01 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
27b29c83 by Salvatore Bonaccorso at 2023-06-29T20:44:06+02:00
Reference specifically the commits for CVE-2022-43681, CVE-2022-40318 and CVE-2022-40302
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50548,10 +50548,7 @@ CVE-2022-43681 (An out-of-bounds read exists in the BGP daemon of FRRouting FRR
[buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13427
NOTE: https://github.com/FRRouting/frr/issues/13480
- NOTE: Fixes for CVE-2022-43681/CVE-2022-40318/CVE-2022-40302:
- NOTE: https://github.com/FRRouting/frr/commit/1117baca3c592877a4d8a13ed6a1d9bd83977487 (base_8.4)
- NOTE: https://github.com/FRRouting/frr/commit/3e46b43e3788f0f87bae56a86b54d412b4710286 (base_8.4)
- NOTE: https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78 (base_8.5)
+ NOTE: https://github.com/FRRouting/frr/commit/6c4ca9812976596bf8b5226600269fc4031f1422 (frr-8.4)
CVE-2022-43680 (In libexpat through 2.4.9, there is a use-after free caused by overeag ...)
{DSA-5266-1 DLA-3165-1}
- expat 2.5.0-1 (bug #1022743)
@@ -59829,10 +59826,7 @@ CVE-2022-40318 (An issue was discovered in bgpd in FRRouting (FRR) through 8.4.
[buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13427
NOTE: https://github.com/FRRouting/frr/issues/13480
- NOTE: Fixes for CVE-2022-43681/CVE-2022-40318/CVE-2022-40302:
NOTE: https://github.com/FRRouting/frr/commit/1117baca3c592877a4d8a13ed6a1d9bd83977487 (base_8.4)
- NOTE: https://github.com/FRRouting/frr/commit/3e46b43e3788f0f87bae56a86b54d412b4710286 (base_8.4)
- NOTE: https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78 (base_8.5)
CVE-2022-40317 (OpenKM 6.3.11 allows stored XSS related to the javascript: subst ...)
NOT-FOR-US: OpenKM
CVE-2022-40316 (The H5P activity attempts report did not filter by groups, which in se ...)
@@ -59899,10 +59893,7 @@ CVE-2022-40302 (An issue was discovered in bgpd in FRRouting (FRR) through 8.4.
[buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13427
NOTE: https://github.com/FRRouting/frr/issues/13480
- NOTE: Fixes for CVE-2022-43681/CVE-2022-40318/CVE-2022-40302:
- NOTE: https://github.com/FRRouting/frr/commit/1117baca3c592877a4d8a13ed6a1d9bd83977487 (base_8.4)
NOTE: https://github.com/FRRouting/frr/commit/3e46b43e3788f0f87bae56a86b54d412b4710286 (base_8.4)
- NOTE: https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78 (base_8.5)
CVE-2022-40301
RESERVED
CVE-2022-40300 (Zoho ManageEngine Password Manager Pro through 12120 before 12121, PAM ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27b29c83c00c9226f145cf7caf9df19cdcae3edc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27b29c83c00c9226f145cf7caf9df19cdcae3edc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230629/5bf2bb69/attachment.htm>
More information about the debian-security-tracker-commits
mailing list