[Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-39264

Mon Mar 20 20:01:10 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
70a7edb8 by Salvatore Bonaccorso at 2023-03-20T21:00:20+01:00
Add upstream tag information for CVE-2022-39264

In 0.8.0 there was added support to store secrets in keychain but issue
seems present before.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47459,7 +47459,7 @@ CVE-2022-39264 (nheko is a desktop client for the Matrix communication applicati
 	[buster] - nheko <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/Nheko-Reborn/nheko/security/advisories/GHSA-8jcp-8jq4-5mm7
 	NOTE: https://github.com/Nheko-Reborn/nheko/commit/67bee15a389f9b8a9f6c3a340558d1e2319e7199 (v0.10.2)
-	NOTE: Possibly introduced in 0.8.0 via https://github.com/Nheko-Reborn/nheko/commit/7b46aa2a6e4fdb71632128a94b6645613631d8d4
+	NOTE: Support for secrets in keychain: https://github.com/Nheko-Reborn/nheko/commit/7b46aa2a6e4fdb71632128a94b6645613631d8d4 (v0.8.0)
 CVE-2022-39263 (`@next-auth/upstash-redis-adapter` is the Upstash Redis adapter for Ne ...)
 	NOT-FOR-US: next-auth/upstash-redis-adapter
 CVE-2022-39262 (GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Fre ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70a7edb8820db462b0eb5882ce972cc244e17ff0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70a7edb8820db462b0eb5882ce972cc244e17ff0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230320/62a2a60b/attachment.htm>
