[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
23e9602f by security tracker role at 2022-04-28T08:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,95 @@
+CVE-2022-29868
+       RESERVED
+CVE-2022-29867
+       RESERVED
+CVE-2022-29866
+       RESERVED
+CVE-2022-29865
+       RESERVED
+CVE-2022-29864
+       RESERVED
+CVE-2022-29863
+       RESERVED
+CVE-2022-29862
+       RESERVED
+CVE-2022-29861
+       RESERVED
+CVE-2022-29860
+       RESERVED
+CVE-2022-29859 (component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka 
SDK for  ...)
+       TODO: check
+CVE-2022-29858
+       RESERVED
+CVE-2022-29857
+       RESERVED
+CVE-2022-29856
+       RESERVED
+CVE-2022-29855
+       RESERVED
+CVE-2022-29854
+       RESERVED
+CVE-2022-29853
+       RESERVED
+CVE-2022-29852
+       RESERVED
+CVE-2022-29851
+       RESERVED
+CVE-2022-29850
+       RESERVED
+CVE-2022-29849
+       RESERVED
+CVE-2022-29848
+       RESERVED
+CVE-2022-29847
+       RESERVED
+CVE-2022-29846
+       RESERVED
+CVE-2022-29845
+       RESERVED
+CVE-2022-29844
+       RESERVED
+CVE-2022-29843
+       RESERVED
+CVE-2022-29842
+       RESERVED
+CVE-2022-29841
+       RESERVED
+CVE-2022-29840
+       RESERVED
+CVE-2022-29839
+       RESERVED
+CVE-2022-29838
+       RESERVED
+CVE-2022-29837
+       RESERVED
+CVE-2022-29836
+       RESERVED
+CVE-2022-29835
+       RESERVED
+CVE-2022-29834
+       RESERVED
+CVE-2022-29833
+       RESERVED
+CVE-2022-29832
+       RESERVED
+CVE-2022-29831
+       RESERVED
+CVE-2022-29830
+       RESERVED
+CVE-2022-29829
+       RESERVED
+CVE-2022-29828
+       RESERVED
+CVE-2022-29827
+       RESERVED
+CVE-2022-29826
+       RESERVED
+CVE-2022-29825
+       RESERVED
+CVE-2022-29824
+       RESERVED
+CVE-2022-29516
+       RESERVED
 CVE-2022-29823
        RESERVED
 CVE-2022-29822
@@ -7157,7 +7249,7 @@ CVE-2022-27240 (scheme/webauthn.c in Glewlwyd SSO server 
2.x before 2.6.2 has a
        [bullseye] - glewlwyd 2.5.2-2+deb11u3
        [buster] - glewlwyd <no-dsa> (Minor issue)
        NOTE: 
https://github.com/babelouest/glewlwyd/commit/4c5597c155bfbaf6491cf6b83479d241ae66940a
 (v2.6.2)
-CVE-2022-29869
+CVE-2022-29869 (cifs-utils through 6.14, with verbose logging, can cause an 
informatio ...)
        - cifs-utils <unfixed>
        NOTE: https://bugzilla.samba.org/show_bug.cgi?id=15026
        NOTE: https://github.com/piastry/cifs-utils/pull/7
@@ -13744,8 +13836,8 @@ CVE-2022-24893
        RESERVED
 CVE-2022-24892
        RESERVED
-CVE-2022-24891
-       RESERVED
+CVE-2022-24891 (ESAPI (The OWASP Enterprise Security API) is a free, open 
source, web  ...)
+       TODO: check
 CVE-2022-24890
        RESERVED
 CVE-2022-24889 (Nextcloud Server is the file server software for Nextcloud, a 
self-hos ...)
@@ -14193,10 +14285,10 @@ CVE-2022-24737 (HTTPie is a command-line HTTP client. 
HTTPie has the practical c
        [stretch] - httpie <no-dsa> (Minor issue)
        NOTE: 
https://github.com/httpie/httpie/security/advisories/GHSA-9w4w-cpc8-h2fq
        NOTE: Fixed by: 
https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b
 (3.1.0)
-CVE-2022-24736
-       RESERVED
-CVE-2022-24735
-       RESERVED
+CVE-2022-24736 (Redis is an in-memory database that persists on disk. Prior to 
version ...)
+       TODO: check
+CVE-2022-24735 (Redis is an in-memory database that persists on disk. By 
exploiting we ...)
+       TODO: check
 CVE-2022-24734 (MyBB is a free and open source forum software. In affected 
versions th ...)
        NOT-FOR-US: MyBB
 CVE-2022-24733 (Sylius is an open source eCommerce platform. Prior to versions 
1.9.10, ...)
@@ -63786,8 +63878,7 @@ CVE-2021-3524 (A flaw was found in the Red Hat Ceph 
Storage RadosGW (Ceph Object
        [buster] - ceph <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1951674
        NOTE: Fixed by: 
https://github.com/ceph/ceph/commit/763aebb94678018f89427137ffbc0c5205b1edc1
-CVE-2021-3523
-       RESERVED
+CVE-2021-3523 (A flaw was found in 3Scale APICast in versions prior to 2.11.0, 
where  ...)
        NOT-FOR-US: Red Hat 3scale API gateway
 CVE-2021-31921 (Istio before 1.8.6 and 1.9.x before 1.9.5 contains a remotely 
exploita ...)
        NOT-FOR-US: Istio



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23e9602f27529a98be4f39e31c9fb1b4cc715be6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23e9602f27529a98be4f39e31c9fb1b4cc715be6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits