[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Mon, 14 Feb 2022 08:10:44 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9a076b33 by Moritz Muehlenhoff at 2022-02-14T16:47:51+01:00
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1720,14 +1720,14 @@ CVE-2022-0498
        REJECTED
 CVE-2022-0497
        RESERVED
-       - openscad 2021.01-4 (bug #1005641)
-       [stretch] - openscad <no-dsa> (Minor issue)
+       - openscad 2021.01-4 (unimportant; bug #1005641)
        NOTE: https://github.com/openscad/openscad/issues/4043
+       NOTE: Crash in CLI tool, no security impact
 CVE-2022-0496
        RESERVED
-       - openscad 2021.01-4 (bug #1005641)
-       [stretch] - openscad <no-dsa> (Minor issue)
+       - openscad 2021.01-4 (unimportant; bug #1005641)
        NOTE: https://github.com/openscad/openscad/issues/4037
+       NOTE: Crash in CLI tool, no security impact
 CVE-2022-0495
        RESERVED
 CVE-2022-0494
@@ -2033,6 +2033,8 @@ CVE-2022-24304
 CVE-2022-24303
        RESERVED
        - pillow <unfixed>
+       [bullseye] - pillow <ignored> (Minor issue)
+       [buster] - pillow <ignored> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2052682
        NOTE: 
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
        NOTE: 
https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26
 (9.0.1)
@@ -9384,9 +9386,10 @@ CVE-2021-46021 (An Use-After-Free vulnerability in 
rec_record_destroy() at rec-r
        NOTE: Negligible security impact
 CVE-2021-46020 (An untrusted pointer dereference in mrb_vm_exec() of mruby 
v3.0.0 can  ...)
        - mruby <unfixed>
+       [bullseye] - mruby <no-dsa> (Minor issue)
+       [buster] - mruby <no-dsa> (Minor issue)
        [stretch] - mruby <postponed> (revisit when/if fix is complete)
        NOTE: https://github.com/mruby/mruby/issues/5613
-       TODO: check details
 CVE-2021-46019 (An untrusted pointer dereference in rec_db_destroy() at 
rec-db.c of GN ...)
        - recutils <unfixed> (unimportant)
        NOTE: 
https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a076b33d85296483f71cd222a676ef1faff6e9d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a076b33d85296483f71cd222a676ef1faff6e9d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to