[Git][security-tracker-team/security-tracker][master] 3 commits: dla-needed.txt: Update note for xrdp.

Fri Mar 31 09:43:51 BST 2023


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ba4360cf by Chris Lamb at 2023-03-31T09:39:35+01:00
dla-needed.txt: Update note for xrdp.

- - - - -
8011d8bf by Chris Lamb at 2023-03-31T09:41:38+01:00
Add extra commit info for CVE-2022-23481 and CVE-2022-23482 in xrdp.

- - - - -
83fdde7a by Chris Lamb at 2023-03-31T09:43:20+01:00
data/dla-needed.txt: Claim xrdp.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -95362,9 +95362,11 @@ CVE-2022-23483 (xrdp is an open source project which provides a graphical login
 CVE-2022-23482 (xrdp is an open source project which provides a graphical login to rem ...)
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-56pq-2pm9-7fhm
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/1e42426db59120c6596d673f1bb2dc8b0312e692
 CVE-2022-23481 (xrdp is an open source project which provides a graphical login to rem ...)
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-hm75-9jcg-p7hq
+	NOTE: https://github.com/neutrinolabs/xrdp/commit/bc6b052959697b205d15108fb88e7c7e38c15bee
 CVE-2022-23480 (xrdp is an open source project which provides a graphical login to rem ...)
 	- xrdp 0.9.21.1-1 (bug #1025879)
 	NOTE: https://github.com/neutrinolabs/xrdp/security/advisories/GHSA-3jmx-f6hv-95wg


=====================================
data/dla-needed.txt
=====================================
@@ -320,7 +320,8 @@ wordpress (guilhem)
   NOTE: 20230302: Testsuite: https://lts-team.pages.debian.net/wiki/TestSuites/wordpress.html
   NOTE: 20230302: buster is 6 CVEs behind bullseye (Beuc/front-desk)
 --
-xrdp
+xrdp (Chris Lamb)
+  NOTE: 20230331: Programming language: C.
 --
 zabbix
   NOTE: 20220911: At least CVE-2022-23134 was fixed in stretch so it should be fixed in buster too.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1d1e590556adc4672849bd80445cf993bdd3f377...83fdde7aa36293884ef2cef62de4388b8e733713

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1d1e590556adc4672849bd80445cf993bdd3f377...83fdde7aa36293884ef2cef62de4388b8e733713
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230331/bc6d1dc5/attachment-0001.htm>
