[Git][security-tracker-team/security-tracker][master] Record CVE-2022-0718 in DLA-3870-1

Daniel Leidert (@dleidert) dleidert at debian.org
Mon Dec 8 19:23:59 GMT 2025 


Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d7ac63f by Daniel Leidert at 2025-12-08T20:22:09+01:00
Record CVE-2022-0718 in DLA-3870-1

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -345303,13 +345303,14 @@ CVE-2022-0720 (The Amelia WordPress plugin before 1.0.47 does not have proper au
 CVE-2022-0719 (Cross-site Scripting (XSS) - Reflected in GitHub repository microweber ...)
 	NOT-FOR-US: microweber
 CVE-2022-0718 (A flaw was found in python-oslo-utils. Due to improper parsing, passwo ...)
-	{DLA-3106-1}
+	{DLA-3106-1 DLA-3870-1}
 	- python-oslo.utils 4.10.1-1
 	[bullseye] - python-oslo.utils <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2056850
 	NOTE: https://bugs.launchpad.net/oslo.utils/+bug/1949623
 	NOTE: Fixed by: https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa (4.12.1)
 	NOTE: Fixed by: https://opendev.org/openstack/oslo.utils/commit/5ce8a7f0f8ecec7a85a23ec3d7a7fb1cad14ceba (4.10.1)
+	NOTE: Fixed by: https://opendev.org/openstack/oslo.utils/commit/65aa4226d4bf286468da6df6759e364c1eb3e049 (4.6.1)
 CVE-2022-25643 (seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with es ...)
 	- seatd 0.6.4-1 (bug #1006308)
 	NOTE: https://lists.sr.ht/~kennylevinsen/seatd-announce/%3CETEO7R.QG8B1KGD531R1%40kl.wtf%3E


=====================================
data/DLA/list
=====================================
@@ -1590,6 +1590,7 @@
 	{CVE-2023-2088 CVE-2024-32498}
 	[bullseye] - cinder 2:17.4.0-1~deb11u2
 [05 Sep 2024] DLA-3870-1 python-oslo.utils - security update
+	{CVE-2022-0718}
 	[bullseye] - python-oslo.utils 4.6.1-0+deb11u1
 [04 Sep 2024] DLA-3869-1 firefox-esr - security update
 	{CVE-2024-8381 CVE-2024-8382 CVE-2024-8383 CVE-2024-8384}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d7ac63fc2eca5819167cb601a0f1a647595fab6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d7ac63fc2eca5819167cb601a0f1a647595fab6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251208/d8bfdb07/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list