[Git][security-tracker-team/security-tracker][master] 2 commits: Track fix via experimental for CVE-2022-24407/cyrus-sasl2

Wed, 23 Feb 2022 14:08:58 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bc25b5f5 by Salvatore Bonaccorso at 2022-02-23T23:08:18+01:00
Track fix via experimental for CVE-2022-24407/cyrus-sasl2

- - - - -
739b2ef7 by Salvatore Bonaccorso at 2022-02-23T23:08:18+01:00
Add Debian bug reference for CVE-2021-0561/flac

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3649,6 +3649,7 @@ CVE-2021-46671 (options.c in atftp before 0.7.5 reads 
past the end of an array,
        [stretch] - atftp <no-dsa> (Minor issue)
        NOTE: 
https://sourceforge.net/p/atftp/code/ci/9cf799c40738722001552618518279e9f0ef62e5
 (v0.7.5)
 CVE-2022-24407 (In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, 
plugins/sql.c does  ...)
+       [experimental] - cyrus-sasl2 2.1.28+dfsg-1
        - cyrus-sasl2 <unfixed>
        NOTE: Fixed by: 
https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc
 (cyrus-sasl-2.1.28)
        NOTE: Fixed by: 
https://github.com/cyrusimap/cyrus-sasl/commit/2d2e97b0eb53fa7f87a3bf1529d8f712dd954480
 (master)
@@ -91447,7 +91448,7 @@ CVE-2021-0563 (In ih264e_fmt_conv_422i_to_420sp of 
ih264e_fmt_conv.c, there is a
 CVE-2021-0562 (In RasterIntraUpdate of motion_est.cpp, there is a possible out 
of bou ...)
        NOT-FOR-US: Android media framework
 CVE-2021-0561 (In append_to_verify_fifo_interleaved_ of stream_encoder.c, 
there is a  ...)
-       - flac <unfixed>
+       - flac <unfixed> (bug #1006339)
        NOTE: 
https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be 
(1.3.4)
        NOTE: https://xiph.org/flac/changelog.html#flac_1.3.4
        NOTE: 
https://android.googlesource.com/platform/external/flac/+/368eb3f5bec249a197c95a95583ff8153aa6a87f



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2d2d79efa1311062060b824c23f827b07c37270c...739b2ef77f97af97df4253b86ea838f5868bbfe9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2d2d79efa1311062060b824c23f827b07c37270c...739b2ef77f97af97df4253b86ea838f5868bbfe9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to