Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a0920974 by Moritz Muehlenhoff at 2022-05-19T14:31:54+02:00
buster/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -539,9 +539,10 @@ CVE-2022-1773
 CVE-2022-1772
        RESERVED
 CVE-2022-1771 (Stack-based Buffer Overflow in GitHub repository vim/vim prior 
to 8.2. ...)
-       - vim <unfixed>
+       - vim <unfixed> (unimportant)
        NOTE: https://huntr.dev/bounties/faa74175-5317-4b71-a363-dfc39094ecbb
        NOTE: 
https://github.com/vim/vim/commit/51f0bfb88a3554ca2dde777d78a59880d1ee37a8 
(v8.2.4975)
+       NOTE: Crash in CLI tool, no security impact
 CVE-2019-25061 (The random_password_generator (aka RandomPasswordGenerator) 
gem throug ...)
        NOT-FOR-US: bvsatyaram/random_password_generator
 CVE-2022-30973
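
Review bot: The added NOTE on CVE-2022-1771, "Crash in CLI tool, no security impact", gives no reason why an issue described as a stack-based buffer overflow ends in nothing worse than a crash. That NOTE is the only justification for the new (unimportant) tag, so extend it with the basis for the assessment, for example what the linked huntr report or the v8.2.4975 commit shows about the overflow, so the triage can be checked later without redoing it.
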
@@ -3061,10 +3062,11 @@ CVE-2022-30069
 CVE-2022-30068
        RESERVED
 CVE-2022-30067 (GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. 
Through a  ...)
-       - gimp <unfixed>
+       - gimp <unfixed> (unimportant)
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/8120
        NOTE: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/4f99f1fcfd892ead19831b5adcd38a99d71214b6
 (master)
        NOTE: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/8cd6d05232795ac31076013db1c6be3dc67e8e09
 (gimp-2-10)
+       NOTE: Crash in GUI application, no security impact
 CVE-2022-30066
        RESERVED
 CVE-2022-30065 (A use-after-free in Busybox 1.35-x's awk applet leads to 
denial of ser ...)
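
Review bot: On CVE-2022-30067 the new NOTE "Crash in GUI application, no security impact" does not say how the overflow is reached, and the truncated description ("Through a ...") does not show it either. State the trigger in the NOTE, taken from the GNOME issue 8120 already linked in the entry, so the (unimportant) tag rests on more than the application type.
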
@@ -32764,99 +32766,118 @@ CVE-2021-44511
        RESERVED
 CVE-2021-44510 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44509 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44508 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44507 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44506 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44505 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44504 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed>
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44503 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44502 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44501 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44500 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44499 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44498 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44497 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44496 (An issue was discovered in FIS GT.M through V7.0-000 (related 
to the Y ...)
        - fis-gtm <unfixed>
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44495 (An issue was discovered in YottaDB through r1.32 and V7.0-000 
and FIS  ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44494 (An issue was discovered in YottaDB through r1.32 and V7.0-000 
and FIS  ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44493 (An issue was discovered in YottaDB through r1.32 and V7.0-000 
and FIS  ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44492 (An issue was discovered in YottaDB through r1.32 and V7.0-000 
and FIS  ...)
        - fis-gtm <unfixed> (bug #1009900)
+       [bullseye] - fis-gtm <ignored> (Minor issue)
+       [buster] - fis-gtm <ignored> (Minor issue)
        NOTE: 
http://tinco.pair.com/bhaskar/gtm/doc/articles/GTM_V7.0-002_Release_Notes.html
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
-       TODO: check upstream to find out which changes affect which CVE
 CVE-2021-44491 (An issue was discovered in YottaDB through r1.32 and V7.0-000. 
Using c ...)
        NOTE: https://gitlab.com/YottaDB/DB/YDB/-/issues/828
        TODO: check - unclear if affects only YottaDB
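
Review bot: The "TODO: check upstream to find out which changes affect which CVE" line is removed from all 19 fis-gtm entries (CVE-2021-44510 through CVE-2021-44492), but nothing in the hunk records what that check found; each entry only gains the same "<ignored> (Minor issue)" for bullseye and buster. Either add a NOTE saying the CVE-to-change mapping was resolved or judged unnecessary, or make the reason more specific than "Minor issue", since one identical reason across 19 CVEs reads as a bulk decision rather than a per-issue one. While touching these entries, CVE-2021-44504 and CVE-2021-44496 still lack the "(bug #1009900)" reference the other 17 carry; add it if that bug covers them.
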


=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ cifs-utils (carnil)
 --
 condor/oldstable (apo)
 --
+curl
+--
 epiphany-browser
 --
 freecad (aron)
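
Review bot: The new "curl" entry names neither the CVEs that prompt the DSA nor the suite it applies to, and the commit message ("buster/bullseye triage") does not say either. If only one suite needs the update, use the suffix form seen on the "condor/oldstable (apo)" line above; otherwise a short note under the entry listing the pending CVEs would let whoever claims it start without re-triaging.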



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a092097465fb1c8804410feb6d8811be1e84294f
