Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c7579313 by Salvatore Bonaccorso at 2022-05-04T22:35:42+02:00
Add CVE-2022-29155/openldap
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3062,7 +3062,11 @@ CVE-2022-29156 (drivers/infiniband/ulp/rtrs/rtrs-clt.c
in the Linux kernel befor
[stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: Fixedy by:
https://git.kernel.org/linus/8700af2cc18c919b2a83e74e0479038fd113c15d (5.17-rc6)
CVE-2022-29155 (In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL
injection ...)
- TODO: check
+ - openldap <unfixed>
+ NOTE: https://bugs.openldap.org/show_bug.cgi?id=9815
+ NOTE:
https://git.openldap.org/openldap/openldap/-/commit/87df6c19915042430540931d199a39105544a134
(master)
+ NOTE:
https://git.openldap.org/openldap/openldap/-/commit/40f3ae4f5c9a8baf75b237220f62c436a571d66e
(OPENLDAP_REL_ENG_2_5_12)
+ NOTE: back-sql backend to slapd is enabled but considered experimental
upstream.
CVE-2022-29154
RESERVED
CVE-2022-29153 (HashiCorp Consul and Consul Enterprise through 2022-04-12
allow SSRF. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7579313a55d1db8ffc5d653c1f165612b740c50
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7579313a55d1db8ffc5d653c1f165612b740c50
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
