Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a1eb34d by security tracker role at 2022-03-17T08:10:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,13 @@
+CVE-2022-27228
+ RESERVED
+CVE-2022-27227
+ RESERVED
+CVE-2022-27226
+ RESERVED
+CVE-2022-0999
+ RESERVED
CVE-2022-0998
+ RESERVED
- linux <unfixed> (unimportant)
NOTE:
https://git.kernel.org/linus/870aaff92e959e29d40f9cfdb5ed06ba2fc2dae0 (5.17-rc1)
NOTE: CONFIG_VHOST_VDPA not set in Debian
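Review bot: on CVE-2022-0998 the linux line stays at `<unfixed> (unimportant)` even though the NOTE above it already names the fixing commit as landing in 5.17-rc1. Once a linux upload based on 5.17 or later exists, replace `<unfixed>` with that version so the entry does not stay open indefinitely. The `unimportant` tag rests only on `CONFIG_VHOST_VDPA not set in Debian`, so it should be rechecked if that option is ever enabled. The four new RESERVED ids need no action.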
@@ -1794,8 +1803,8 @@ CVE-2022-26536
RESERVED
CVE-2022-26535
RESERVED
-CVE-2022-26534
- RESERVED
+CVE-2022-26534 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an
issue where ...)
+ TODO: check
CVE-2022-26533 (Alist v2.1.0 and below was discovered to contain a cross-site
scriptin ...)
NOT-FOR-US: Alist
CVE-2022-25960
@@ -2490,8 +2499,8 @@ CVE-2022-26305
RESERVED
CVE-2022-26301
RESERVED
-CVE-2022-26300
- RESERVED
+CVE-2022-26300 (EOS v2.1.0 was discovered to contain a heap-buffer-overflow
via the fu ...)
+ TODO: check
CVE-2022-26299
RESERVED
CVE-2022-26298
@@ -2500,12 +2509,12 @@ CVE-2022-26297
RESERVED
CVE-2022-26296
RESERVED
-CVE-2022-26295
- RESERVED
+CVE-2022-26295 (A stored cross-site scripting (XSS) vulnerability in
/ptms/?page=user ...)
+ TODO: check
CVE-2022-26294
RESERVED
-CVE-2022-26293
- RESERVED
+CVE-2022-26293 (Online Project Time Management System v1.0 was discovered to
contain a ...)
+ TODO: check
CVE-2022-26292
RESERVED
CVE-2022-26291
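Review bot: CVE-2022-26295 and CVE-2022-26293 are both left at `TODO: check`, and the `/ptms/` path in the first looks like it belongs to the "Online Project Time Management System v1.0" named in the second. Confirm that from the full descriptions and triage the two together, so that both end up with the same product name in their disposition rather than being resolved separately under different spellings.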
@@ -4495,12 +4504,12 @@ CVE-2022-25518
RESERVED
CVE-2022-25517
RESERVED
-CVE-2022-25516
- RESERVED
-CVE-2022-25515
- RESERVED
-CVE-2022-25514
- RESERVED
+CVE-2022-25516 (stb_truetype.h v1.26 was discovered to contain a
heap-buffer-overflow ...)
+ TODO: check
+CVE-2022-25515 (stb_truetype.h v1.26 was discovered to contain a
heap-buffer-overflow ...)
+ TODO: check
+CVE-2022-25514 (stb_truetype.h v1.26 was discovered to contain a
heap-buffer-overflow ...)
+ TODO: check
CVE-2022-25513
RESERVED
CVE-2022-25512 (FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API
and Webso ...)
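Review bot: the three stb_truetype.h entries (CVE-2022-25516, CVE-2022-25515, CVE-2022-25514) are indistinguishable in their truncated descriptions, so `TODO: check` needs the full text to see which function each one covers. stb_truetype.h is a single-header library that projects usually copy into their own source trees, so triage should search the archive for embedded copies of the header and not only for a package named after it.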
@@ -8785,14 +8794,14 @@ CVE-2022-24077
RESERVED
CVE-2022-24076
RESERVED
-CVE-2022-24075
- RESERVED
-CVE-2022-24074
- RESERVED
-CVE-2022-24073
- RESERVED
-CVE-2022-24072
- RESERVED
+CVE-2022-24075 (Whale browser before 3.12.129.18 allowed extensions to replace
JavaScr ...)
+ TODO: check
+CVE-2022-24074 (Whale Bridge, a default extension in Whale browser before
3.12.129.18, ...)
+ TODO: check
+CVE-2022-24073 (The Web Request API in Whale browser before 3.12.129.18
allowed to den ...)
+ TODO: check
+CVE-2022-24072 (The devtools API in Whale browser before 3.12.129.18 allowed
extension ...)
+ TODO: check
CVE-2022-24071 (A Built-in extension in Whale browser before 3.12.129.46
allows attack ...)
NOT-FOR-US: Whale browser
CVE-2022-24070
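Review bot: the four new Whale browser entries (CVE-2022-24075 through CVE-2022-24072) are left at `TODO: check`, while the adjacent CVE-2022-24071 for the same product is already `NOT-FOR-US: Whale browser`. Unless the full descriptions point at a shared component that is packaged, give these four the same `NOT-FOR-US: Whale browser` line so the product is handled consistently.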
@@ -10698,8 +10707,8 @@ CVE-2022-23612 (OpenMRS is a patient-based medical
record system focusing on giv
NOT-FOR-US: OpenMRS
CVE-2022-23611 (iTunesRPC-Remastered is a Discord Rich Presence for iTunes on
Windows ...)
NOT-FOR-US: iTunesRPC-Remastered
-CVE-2022-23610
- RESERVED
+CVE-2022-23610 (wire-server provides back end services for Wire, an open
source messen ...)
+ TODO: check
CVE-2022-23609 (iTunesRPC-Remastered is a Discord Rich Presence for iTunes on
Windows ...)
NOT-FOR-US: iTunesRPC-Remastered
CVE-2022-23608 (PJSIP is a free and open source multimedia communication
library writt ...)
@@ -15824,8 +15833,8 @@ CVE-2022-22275
RESERVED
CVE-2022-22274
RESERVED
-CVE-2022-22273
- RESERVED
+CVE-2022-22273 (** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of
Special Ele ...)
+ TODO: check
CVE-2022-22272 (Improper authorization in TelephonyManager prior to SMR
Jan-2022 Relea ...)
NOT-FOR-US: Samsung
CVE-2022-22271 (A missing input validation before memory copy in TIMA trustlet
prior t ...)
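Review bot: the description added for CVE-2022-22273 is cut off before it names a product, so the `TODO: check` cannot be resolved from this entry alone, and nothing visible ties it to the `NOT-FOR-US: Samsung` entry below it. Read the full description before choosing a disposition. The `** UNSUPPORTED WHEN ASSIGNED **` prefix says the affected product was already out of vendor support, which is worth a NOTE if the product turns out to be in the archive.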
@@ -30310,8 +30319,8 @@ CVE-2021-42221
RESERVED
CVE-2021-42220 (A Cross Site Scripting (XSS) vulnerability exists in Dolibarr
before 1 ...)
- dolibarr <removed>
-CVE-2021-42219
- RESERVED
+CVE-2021-42219 (Go-Ethereum v1.10.9 was discovered to contain an issue which
allows at ...)
+ TODO: check
CVE-2021-42218
RESERVED
CVE-2021-42217
@@ -95604,6 +95613,7 @@ CVE-2021-0563 (In ih264e_fmt_conv_422i_to_420sp of
ih264e_fmt_conv.c, there is a
CVE-2021-0562 (In RasterIntraUpdate of motion_est.cpp, there is a possible out
of bou ...)
NOT-FOR-US: Android media framework
CVE-2021-0561 (In append_to_verify_fifo_interleaved_ of stream_encoder.c,
there is a ...)
+ {DLA-2951-1}
- flac 1.3.4-1 (bug #1006339)
[bullseye] - flac <no-dsa> (Minor issue)
[buster] - flac <no-dsa> (Minor issue)
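Review bot: the added `{DLA-2951-1}` reference on CVE-2021-0561 leaves the `[bullseye]` and `[buster]` flac lines at `<no-dsa> (Minor issue)`, so the issue is now covered by an LTS advisory while the two suites listed here remain open. Consider queuing the flac fix (unstable has 1.3.4-1, bug #1006339) for point release updates, or add a NOTE explaining why these suites stay at no-dsa, so the status across suites does not look accidental.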
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a1eb34dd02e77fc23d78cde011e0174d97c78e4