Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b7ea5e0a by Salvatore Bonaccorso at 2022-03-29T22:53:48+02:00
Track fixed version for linux issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1271,7 +1271,7 @@ CVE-2022-1057
CVE-2021-46739
RESERVED
CVE-2022-27666 (A heap buffer overflow flaw was found in IPsec ESP
transformation code ...)
- - linux <unfixed>
+ - linux 5.16.18-1
[stretch] - linux <not-affected> (Vulnerable code introduced later)
NOTE:
https://git.kernel.org/linus/ebe48d368e97d007bfeb76fcb065d6cfc4c96645 (5.17-rc8)
CVE-2022-27665
@@ -1364,7 +1364,7 @@ CVE-2022-1049 (A flaw was found in the Pacemaker
configuration tool (pcs). The p
NOTE:
https://github.com/ClusterLabs/pcs/commit/fb860005117dc9e092649687dfa1304fb423efc5
CVE-2022-1048 [race condition in snd_pcm_hw_free leading to use-after-free]
RESERVED
- - linux <unfixed>
+ - linux 5.16.18-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2066706
NOTE: https://www.openwall.com/lists/oss-security/2022/03/28/4
CVE-2022-1047
@@ -2267,12 +2267,12 @@ CVE-2022-1017
RESERVED
CVE-2022-1016
RESERVED
- - linux <unfixed>
+ - linux 5.16.18-1
NOTE: https://www.openwall.com/lists/oss-security/2022/03/28/5
NOTE: Fixed by:
https://git.kernel.org/linus/4c905f6740a365464e91467aa50916555b28213d
CVE-2022-1015
RESERVED
- - linux <unfixed>
+ - linux 5.16.18-1
[bullseye] - linux <no-dsa> (Vulnerability exploitable only after
5.12-rc1)
[buster] - linux <no-dsa> (Vulnerability exploitable only after
5.12-rc1)
[stretch] - linux <no-dsa> (Vulnerability exploitable only after
5.12-rc1)
@@ -2287,7 +2287,7 @@ CVE-2022-1013
CVE-2022-1012
RESERVED
CVE-2022-1011 (A flaw use after free in the Linux kernel FUSE filesystem was
found in ...)
- - linux <unfixed>
+ - linux 5.16.18-1
[bullseye] - linux 5.10.106-1
NOTE:
https://git.kernel.org/linus/0c4bcfdecb1ac0967619ee7ff44871d93c08c909 (5.17-rc8)
CVE-2022-1010
@@ -2342,7 +2342,7 @@ CVE-2022-0996 (A vulnerability was found in the 389
Directory Server that allows
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2064769
TODO: check details
CVE-2022-0995 (An out-of-bounds (OOB) memory write flaw was found in the Linux
kernel ...)
- - linux <unfixed>
+ - linux 5.16.18-1
[bullseye] - linux 5.10.106-1
[buster] - linux <not-affected> (Vulnerable code not present)
[stretch] - linux <not-affected> (Vulnerable code not present)
@@ -4270,7 +4270,7 @@ CVE-2020-36517 (An information leak in Nabu Casa Home
Assistant Operating System
CVE-2022-0868 (Open Redirect in GitHub repository medialize/uri.js prior to
1.19.10. ...)
NOT-FOR-US: Node urijs
CVE-2022-26490 (st21nfca_connectivity_event_received in
drivers/nfc/st21nfca/se.c in t ...)
- - linux <unfixed>
+ - linux 5.16.18-1
NOTE:
https://git.kernel.org/linux/4fbcc1a4cb20fe26ad0225679c536c80f1648221 (5.17-rc1)
CVE-2022-26486
RESERVED
@@ -4481,7 +4481,7 @@ CVE-2022-0856 (libcaca is affected by a Divide By Zero
issue via img2txt, which
CVE-2022-0855 (Improper Resolution of Path Equivalence in GitHub repository
microwebe ...)
NOT-FOR-US: microweber (whmcs_plugin)
CVE-2022-0854 (A memory leak flaw was found in the Linux kernel’s DMA
subsystem ...)
- - linux <unfixed>
+ - linux 5.16.18-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058395
NOTE:
https://git.kernel.org/linus/ddbd89deb7d32b1fbb879f48d68fda1a8ac58e8e (5.17-rc6)
NOTE:
https://git.kernel.org/linus/aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13 (5.17-rc8)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7ea5e0a7b7d44fca18d57d57f73f8d338670647
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7ea5e0a7b7d44fca18d57d57f73f8d338670647
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
