[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 02 Feb 2022 00:10:40 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6c79f014 by security tracker role at 2022-02-02T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2022-24308
+       RESERVED
+CVE-2022-24307
+       RESERVED
+CVE-2022-24306
+       RESERVED
+CVE-2022-24305
+       RESERVED
+CVE-2022-24304
+       RESERVED
+CVE-2022-24303
+       RESERVED
+CVE-2022-24302
+       RESERVED
+CVE-2022-24296
+       RESERVED
+CVE-2022-24295
+       RESERVED
+CVE-2022-22986
+       RESERVED
+CVE-2022-0472
+       RESERVED
+CVE-2022-0471
+       RESERVED
 CVE-2022-24294
        RESERVED
 CVE-2022-24293
@@ -19,78 +43,97 @@ CVE-2022-21799
 CVE-2022-21173
        RESERVED
 CVE-2022-0470
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0469
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0468
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0467
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0466
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0465
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0464
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0463
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0462
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0461
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0460
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0459
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0458
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0457
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0456
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0455
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0454
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0453
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0452
+       RESERVED
        - chromium <unfixed>
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
@@ -392,12 +435,12 @@ CVE-2022-24200
        RESERVED
 CVE-2022-24199
        RESERVED
-CVE-2022-24198
-       RESERVED
-CVE-2022-24197
-       RESERVED
-CVE-2022-24196
-       RESERVED
+CVE-2022-24198 (iText v7.1.17 was discovered to contain an out-of-bounds 
exception via ...)
+       TODO: check
+CVE-2022-24197 (iText v7.1.17 was discovered to contain a stack-based buffer 
overflow  ...)
+       TODO: check
+CVE-2022-24196 (iText v7.1.17 was discovered to contain an out-of-memory error 
via the ...)
+       TODO: check
 CVE-2022-24195
        RESERVED
 CVE-2022-24194
@@ -1906,7 +1949,7 @@ CVE-2022-0340
        RESERVED
 CVE-2021-4209
        RESERVED
-CVE-2022-24300 [ItemStack meta injection vulnerability]
+CVE-2022-24300 (Minetest before 5.4.0 allows attackers to add or modify 
arbitrary meta ...)
        - minetest 5.4.1+repack-1 (bug #1004223)
        NOTE: 
https://github.com/minetest/minetest/security/advisories/GHSA-hwj2-xf72-r4cf
        NOTE: Fixed by: 
https://github.com/minetest/minetest/commit/b5956bde259faa240a81060ff4e598e25ad52dae
 (5.4.0)
@@ -1914,7 +1957,7 @@ CVE-2022-24300 [ItemStack meta injection vulnerability]
        NOTE: which is not a vulnerability by itself, and won't get a CVE 
assigned:
        NOTE: 
https://github.com/minetest/minetest/security/advisories/GHSA-7q63-4fq2-hqcr
        NOTE: 
https://github.com/minetest/minetest/commit/8d6a0b917ce1e7f4f1017835af0ca76e79c98c38
 (5.2.0)
-CVE-2022-24301 [Players can access the inventories of other players]
+CVE-2022-24301 (In Minetest before 5.4.0, players can add or subtract items 
from a dif ...)
        - minetest 5.4.1+repack-1
        NOTE: 
https://github.com/minetest/minetest/security/advisories/GHSA-fvwv-qcq6-wmp5
        NOTE: Fixed by: 
https://github.com/minetest/minetest/commit/3693b6871eba268ecc79b3f52d00d3cefe761131
 (5.4.0)
@@ -11493,7 +11536,7 @@ CVE-2021-44792 (Single Connect does not perform an 
authorization check when usin
 CVE-2021-44791
        RESERVED
 CVE-2021-44790 (A carefully crafted request body can cause a buffer overflow 
in the mo ...)
-       {DSA-5035-1}
+       {DSA-5035-1 DLA-2907-1}
        - apache2 2.4.52-1
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-44790
        NOTE: Fixed by: https://svn.apache.org/r1896039
@@ -13209,7 +13252,7 @@ CVE-2021-44225 (In Keepalived through 2.2.4, the D-Bus 
policy does not sufficien
        NOTE: https://github.com/acassen/keepalived/pull/2063
        NOTE: 
https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d
 CVE-2021-44224 (A crafted URI sent to httpd configured as a forward proxy 
(ProxyReques ...)
-       {DSA-5035-1}
+       {DSA-5035-1 DLA-2907-1}
        - apache2 2.4.52-1
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-44224
        NOTE: Fixed by: https://svn.apache.org/r1895955
@@ -19440,8 +19483,8 @@ CVE-2021-42640
        RESERVED
 CVE-2021-42639
        RESERVED
-CVE-2021-42638
-       RESERVED
+CVE-2021-42638 (PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not 
sanitiz ...)
+       TODO: check
 CVE-2021-42637
        RESERVED
 CVE-2021-42636



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c79f014842e1597817afa55d17810d8d9370d24

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c79f014842e1597817afa55d17810d8d9370d24
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to