[Git][security-tracker-team/security-tracker][master] Associate CVE-2022-38745 to libreoffice

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Mar 26 12:51:22 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb01bf6c by Salvatore Bonaccorso at 2023-03-26T13:48:47+02:00
Associate CVE-2022-38745 to libreoffice

Usually libreoffice and Apache OpenOffice do not share the CVEs as the
projects are diverging. Though in this case Libreoffice project will not
do any specific advisory for the issue and solved already over a year
ago from time of this commit.

After discussion with Rene Engelhard, reference libreoffice for this
CVE.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49854,7 +49854,11 @@ CVE-2022-38747
 CVE-2022-38746
 	RESERVED
 CVE-2022-38745 (Apache OpenOffice versions before 4.1.14 may be configured to add an e ...)
-	NOT-FOR-US: Apache OpenOffice
+	- libreoffice 1:7.3.1-1
+	[bullseye] - libreoffice <no-dsa> (Minor issue)
+	NOTE: https://cgit.freedesktop.org/libreoffice/core/commit/?id=5e8f64e50f97d39e83a3358697be14db03566878
+	NOTE: Technically CVE for Apache OpenOffice. Libreoffice project will not issue a separate CVE
+	NOTE: and the issue is present in Libreoffice as well. Exceptionally track libreoffice.
 CVE-2022-2993 (There is an error in the condition of the last if-statement in the fun ...)
 	NOT-FOR-US: zephyr-rtos
 CVE-2022-2992 (A vulnerability in GitLab CE/EE affecting all versions from 11.10 prio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb01bf6c48e7b807e872e9dfe358eabaf53879f1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb01bf6c48e7b807e872e9dfe358eabaf53879f1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230326/f9e1a711/attachment.htm>

More information about the debian-security-tracker-commits mailing list