[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-0538/jenkins

Fri, 11 Feb 2022 05:52:26 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
22b60392 by Salvatore Bonaccorso at 2022-02-11T14:51:54+01:00
Add CVE-2022-0538/jenkins

- - - - -
32127fcd by Salvatore Bonaccorso at 2022-02-11T14:51:56+01:00
Add CVE-2022-0534/htmldoc

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -642,7 +642,7 @@ CVE-2022-0540
 CVE-2022-0539 (Cross-site Scripting (XSS) - Stored in Packagist 
ptrofimov/beanstalk_c ...)
        TODO: check
 CVE-2022-0538 (Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines 
custom XStr ...)
-       TODO: check
+       - jenkins <removed>
 CVE-2022-0537
        RESERVED
 CVE-2022-0536 (Exposure of Sensitive Information to an Unauthorized Actor in 
NPM foll ...)
@@ -650,7 +650,10 @@ CVE-2022-0536 (Exposure of Sensitive Information to an 
Unauthorized Actor in NPM
 CVE-2022-0535
        RESERVED
 CVE-2022-0534 (A vulnerability was found in htmldoc version 1.9.15 where the 
stack ou ...)
-       TODO: check
+       - htmldoc 1.9.15-1
+       NOTE: https://github.com/michaelrsweet/htmldoc/issues/463
+       NOTE: Fixed by: 
https://github.com/michaelrsweet/htmldoc/commit/776cf0fc4c760f1fb7b966ce28dc92dd7d44ed50
 (v1.9.15)
+       NOTE: Fixed by: 
https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9
 (v1.9.15)
 CVE-2022-0533
        RESERVED
 CVE-2022-0532 (An incorrect sysctls validation vulnerability was found in 
CRI-O 1.18  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2551d479ba4017381a2ed7b5d098ce127ce2f5b3...32127fcde2e81ddd2acfdade4a07aaab4c963946

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2551d479ba4017381a2ed7b5d098ce127ce2f5b3...32127fcde2e81ddd2acfdade4a07aaab4c963946
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to