Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0ffdcddf by Moritz Muehlenhoff at 2022-05-27T19:22:07+02:00
buster/bullseye triage
add one more patch needed for pcre issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2317,12 +2317,13 @@ CVE-2022-25932
RESERVED
CVE-2022-1736
RESERVED
- - gnome-remote-desktop 42.1.1-2
+ - gnome-remote-desktop 42.1.1-2 (unimportant)
NOTE:
https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028/comments/3
NOTE: The CVE is assigned based on the Ubuntu policy strongly
discouraging open ports by
NOTE: default (https://wiki.ubuntu.com/Security/Features#ports) and the
fact that the user
NOTE: service was enabled by default (and not automatically enabled
anymore since 42.1.1-2)
- TODO: check, if we want to threat this as unimportant severity issue
+ NOTE: Not treated as a security issue in Debian, whether to start the
daemon or not is ultimately
+ NOTE: up to the local admin
CVE-2022-1735 (Classic Buffer Overflow in GitHub repository vim/vim prior to
8.2.4969 ...)
- vim <unfixed> (unimportant)
NOTE: https://huntr.dev/bounties/c9f85608-ff11-48e4-933d-53d1759d44d9
@@ -4047,6 +4048,8 @@ CVE-2022-30285
RESERVED
CVE-2022-30284 (In the python-libnmap package through 0.7.2 for Python, remote
command ...)
- python-libnmap <unfixed>
+ [bullseye] - python-libnmap <no-dsa> (Minor issue)
+ [buster] - python-libnmap <no-dsa> (Minor issue)
NOTE: https://www.swascan.com/security-advisory-libnmap-2/
CVE-2022-30283
RESERVED
@@ -4104,6 +4107,7 @@ CVE-2022-1587 (An out-of-bounds read vulnerability was
discovered in the PCRE2 l
CVE-2022-1586 (An out-of-bounds read vulnerability was discovered in the PCRE2
librar ...)
- pcre2 10.40-1
NOTE:
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
(pcre2-10.40)
+ NOTE:
https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c
CVE-2022-1585
RESERVED
CVE-2022-30259
@@ -7995,6 +7999,8 @@ CVE-2022-28920 (Tieba-Cloud-Sign v4.9 was discovered to
contain a cross-site scr
NOT-FOR-US: Baidu Tieba
CVE-2022-28919 (HTMLCreator release_stable_2020-07-29 was discovered to
contain a cros ...)
- dokuwiki <unfixed> (bug #1011056)
+ [bullseye] - dokuwiki <no-dsa> (Minor issue)
+ [buster] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/issues/3651
NOTE:
https://github.com/splitbrain/dokuwiki/commit/d3233986baa7dfe44490b805ae2e4296fad59401
CVE-2022-28918 (GreenCMS v2.3.0603 was discovered to contain an arbitrary file
deletio ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ffdcddf525cecac62c1e2e1b5d1d8cdf35b741f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ffdcddf525cecac62c1e2e1b5d1d8cdf35b741f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
