[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Mon, 09 May 2022 07:15:27 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f4a64b16 by Moritz Muehlenhoff at 2022-05-09T16:13:48+02:00
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -379,9 +379,10 @@ CVE-2018-25033 (ADMesh through 0.98.4 has a heap-based 
buffer over-read in stl_u
        NOTE: https://github.com/admesh/admesh/issues/28
        NOTE: 
https://github.com/admesh/admesh/commit/e84d8353f1347e1f26f0a95770d92ba14e6ede38
 CVE-2022-1620 (NULL Pointer Dereference in function vim_regexec_string at 
regexp.c:27 ...)
-       - vim <unfixed>
+       - vim <unfixed> (unimportant)
        NOTE: https://huntr.dev/bounties/7a4c59f3-fcc0-4496-995d-5ca6acd2da51
        NOTE: 
https://github.com/vim/vim/commit/8e4b76da1d7e987d43ca960dfbc372d1c617466f 
(v8.2.4901)
+       NOTE: Crash in CLI tool, no security impact
 CVE-2022-1619 (Heap-based Buffer Overflow in function cmdline_erase_chars in 
GitHub r ...)
        - vim <unfixed>
        NOTE: https://huntr.dev/bounties/b3200483-624e-4c76-a070-e246f62a7450
@@ -5525,6 +5526,8 @@ CVE-2022-28464 (Apifox through 2.1.6 is vulnerable to 
Cross Site Scripting (XSS)
        NOT-FOR-US: Apifox
 CVE-2022-28463 (ImageMagick 7.1.0-27 is vulnerable to Buffer Overflow. ...)
        - imagemagick <unfixed>
+       [bullseye] - imagemagick <no-dsa> (Minor issue)
+       [buster] - imagemagick <no-dsa> (Minor issue)
        NOTE: 
https://github.com/ImageMagick/ImageMagick/commit/ca3654ebf7a439dc736f56f083c9aa98e4464b7f
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/4988
        NOTE: 
https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4a64b1602558566682c1a6d9255a26088d5d924

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4a64b1602558566682c1a6d9255a26088d5d924
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to