[Git][security-tracker-team/security-tracker][master] Track fixed version via bookworm for CVE-2022-48502

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Sep 9 16:14:26 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e536b678 by Salvatore Bonaccorso at 2023-09-09T17:11:59+02:00
Track fixed version via bookworm for CVE-2022-48502

This issue is in the ntfs3 driver which is not enabled in Debian. While
we have indeed at commit time not yet the fix in Debian, this facilitate
writing the DSA with a substantial set of CVEs to cover. We want to
finally have correct information so excpetionally already pre-release
commit the version which has hit security-master.

This is not something we should generally do. This syncs
security-tracker data with https://salsa.debian.org/kernel-team/kernel-sec/-/commit/a4031b11a2d82807aebc28d1f98212f84e695eb9

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12971,6 +12971,7 @@ CVE-2023-2749 (Download Center fails to properly validate the file path submitte
 	NOT-FOR-US: ASUSTOR
 CVE-2022-48502 (An issue was discovered in the Linux kernel before 6.2. The ntfs3 subs ...)
 	- linux 6.3.7-1 (unimportant)
+	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b (6.2-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e536b6786f90cb3019833ab4e4398a71f45cce70

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e536b6786f90cb3019833ab4e4398a71f45cce70
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230909/574a5bf0/attachment.htm>

More information about the debian-security-tracker-commits mailing list