[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug references for edk2 issues

Wed Jan 10 20:14:13 GMT 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8485f400 by Salvatore Bonaccorso at 2024-01-10T21:13:39+01:00
Add Debian bug references for edk2 issues

- - - - -
7f2c7bfe by Salvatore Bonaccorso at 2024-01-10T21:13:41+01:00
Add Debian bug reference for gpac issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -580,11 +580,11 @@ CVE-2024-21645 (pyLoad is the free and open-source Download Manager written in p
 CVE-2024-21644 (pyLoad is the free and open-source Download Manager written in pure Py ...)
 	- pyload <itp> (bug #1001980)
 CVE-2024-0322 (Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.)
-	- gpac <unfixed>
+	- gpac <unfixed> (bug #1060409)
 	NOTE: https://huntr.com/bounties/87611fc9-ed7c-43e9-8e52-d83cd270bbec/
 	NOTE: https://github.com/gpac/gpac/commit/092904b80edbc4dce315684a59cc3184c45c1b70
 CVE-2024-0321 (Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2. ...)
-	- gpac <unfixed>
+	- gpac <unfixed> (bug #1060409)
 	NOTE: https://huntr.com/bounties/4c027b94-8e9c-4c31-a169-893b25047769/
 	NOTE: https://github.com/gpac/gpac/commit/d0ced41651b279bb054eb6390751e2d4eb84819a
 CVE-2024-0308 (A vulnerability was found in Inis up to 2.0.1. It has been rated as cr ...)
@@ -101770,15 +101770,15 @@ CVE-2022-36767
 CVE-2022-36766
 	RESERVED
 CVE-2022-36765 (EDK2 is susceptible to a vulnerability in the CreateHob() function, al ...)
-	- edk2 <unfixed>
+	- edk2 <unfixed> (bug #1060408)
 	NOTE: https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=4166
 CVE-2022-36764 (EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() fun ...)
-	- edk2 <unfixed>
+	- edk2 <unfixed> (bug #1060408)
 	NOTE: https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=4118
 CVE-2022-36763 (EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() fu ...)
-	- edk2 <unfixed>
+	- edk2 <unfixed> (bug #1060408)
 	NOTE: https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=4117
 CVE-2022-36762



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d2448eb93c4f4fa4f8442c9ca1e6a243e2cd0cb9...7f2c7bfeaa83530173a13ba23fc6be83df12aee3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d2448eb93c4f4fa4f8442c9ca1e6a243e2cd0cb9...7f2c7bfeaa83530173a13ba23fc6be83df12aee3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240110/752887c6/attachment.htm>
