[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Thu, 10 Feb 2022 01:58:18 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3f442621 by Moritz Muehlenhoff at 2022-02-10T10:57:36+01:00
buster/bullseye triage
new jss issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -847,6 +847,7 @@ CVE-2022-0486
 CVE-2022-0485 [nbdcopy: missing error handling may create corrupted 
destination image]
        RESERVED
        - libnbd <unfixed>
+       [bullseye] - libnbd <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2050324
        NOTE: Fixed by: 
https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb
        NOTE: 
https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html
@@ -2507,6 +2508,8 @@ CVE-2021-4214
        NOTE: Crash in CLI package, not shipped in binary packages
 CVE-2021-4213
        RESERVED
+       - jss <unfixed>
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2042900
 CVE-2022-23941
        RESERVED
 CVE-2022-23940
@@ -3032,8 +3035,12 @@ CVE-2022-23854
 CVE-2022-23853
        RESERVED
        - kate <unfixed>
+       [bullseye] - kate <no-dsa> (Minor issue)
+       [buster] - kate <no-dsa> (Minor issue)
        [stretch] - kate <no-dsa> (Minor issue)
        - ktexteditor <unfixed>
+       [bullseye] - ktexteditor <no-dsa> (Minor issue)
+       [buster] - ktexteditor <no-dsa> (Minor issue)
        [stretch] - ktexteditor <no-dsa> (Minor issue)
        NOTE: https://kde.org/info/security/advisory-20220131-1.txt
        NOTE: KTextEditor: Fixed by: 
https://commits.kde.org/ktexteditor/804e49444c093fe58ec0df2ab436565e50dc147e
@@ -11239,7 +11246,7 @@ CVE-2022-21988 (Microsoft Office Visio Remote Code 
Execution Vulnerability. ...)
 CVE-2022-21987 (Microsoft SharePoint Server Spoofing Vulnerability. ...)
        NOT-FOR-US: Microsoft
 CVE-2022-21986 (.NET Denial of Service Vulnerability. ...)
-       TODO: check
+       NOT-FOR-US: Microsoft .NET
 CVE-2022-21985 (Windows Remote Access Connection Manager Information 
Disclosure Vulner ...)
        NOT-FOR-US: Microsoft
 CVE-2022-21984 (Windows DNS Server Remote Code Execution Vulnerability. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f442621dcaf789085f13e2d03d05494df3bc7f7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f442621dcaf789085f13e2d03d05494df3bc7f7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to