[Git][security-tracker-team/security-tracker][master] Update some more optee-os CVEs which are already fixed with initial upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Feb 12 20:44:02 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17017c4d by Salvatore Bonaccorso at 2024-02-12T21:43:16+01:00
Update some more optee-os CVEs which are already fixed with initial upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79119,7 +79119,7 @@ CVE-2022-46154 (Kodexplorer is a chinese language web based file manager and bro
 CVE-2022-46153 (Traefik is an open source HTTP reverse proxy and load balancer. In aff ...)
 	- traefik <itp> (bug #983289)
 CVE-2022-46152 (OP-TEE Trusted OS is the secure side implementation of OP-TEE project, ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2022-46151 (Querybook is an open source data querying UI. In affected versions use ...)
 	NOT-FOR-US: Querybook
 CVE-2022-46150 (Discourse is an open-source discussion platform. Prior to version 2.8. ...)
@@ -176983,7 +176983,9 @@ CVE-2021-38541
 CVE-2021-3699
 	RESERVED
 CVE-2019-25052 (In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
+	NOTE: https://github.com/OP-TEE/optee_os/security/advisories/GHSA-pgwr-qmgh-vhmf
+	NOTE: https://github.com/OP-TEE/optee_os/commit/34a08bec755670ea0490cb53bbc68058cafc69b6 (3.7.0-rc1)
 CVE-2021-38511 (An issue was discovered in the tar crate before 0.4.36 for Rust. When  ...)
 	- rust-tar 0.4.37-1 (bug #992173)
 	[bullseye] - rust-tar <no-dsa> (Minor issue)
@@ -335932,19 +335934,19 @@ CVE-2019-1010299 (The Rust Programming Language Standard Library 1.18.0 and late
 	NOTE: https://github.com/rust-lang/rust/issues/53566
 	NOTE: https://github.com/rust-lang/rust/pull/53571/commits/b85e4cc8fadaabd41da5b9645c08c68b8f89908d
 CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010297 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010296 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010295 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010294 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010293 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossi ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010292 (Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary  ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2019-1010291
 	RESERVED
 CVE-2019-1010290 (Babel: Multilingual site Babel All is affected by: Open Redirection. T ...)
@@ -407182,9 +407184,9 @@ CVE-2017-1000418 (The WildMidi_Open function in WildMIDI since commit d8a466829c
 	NOTE: https://github.com/Mindwerks/wildmidi/issues/178
 	NOTE: https://github.com/Mindwerks/wildmidi/commit/814f31d8eceda8401eb812fc2e94ed143fdad0ab
 CVE-2017-1000413 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ol ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2017-1000412 (Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and ol ...)
-	- optee-os <undetermined>
+	- optee-os <not-affected> (Fixed before initial upload)
 CVE-2018-3816
 	RESERVED
 CVE-2018-3815 (The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) pr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17017c4d7b66a61338835aeff553836d34bfe8d2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17017c4d7b66a61338835aeff553836d34bfe8d2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240212/a12f6e77/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list