[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Mon, 30 May 2022 09:45:03 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5d6d0eff by Moritz Muehlenhoff at 2022-05-30T18:44:40+02:00
buster/bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30,11 +30,10 @@ CVE-2022-1929
 CVE-2022-1928 (Cross-site Scripting (XSS) - Stored in GitHub repository 
go-gitea/gite ...)
        - gitea <removed>
 CVE-2022-1927 (Buffer Over-read in GitHub repository vim/vim prior to 8.2. ...)
-       - vim <unfixed>
-       [bullseye] - vim <no-dsa> (Minor issue)
-       [buster] - vim <no-dsa> (Minor issue)
+       - vim <unfixed> (unimportant)
        NOTE: https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777
        NOTE: 
https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 
(v8.2.5037)
+       NOTE: Crash in CLI tool, no security impact
 CVE-2022-1926
        RESERVED
 CVE-2022-31793
@@ -19670,12 +19669,16 @@ CVE-2022-24884 (ecdsautils is a tiny collection of 
programs used for ECDSA (keyg
        NOTE: 
https://github.com/freifunk-gluon/ecdsautils/commit/1d4b091abdf15ad7b2312535b5b95ad70f6dbd08
 (v0.4.1)
 CVE-2022-24883 (FreeRDP is a free implementation of the Remote Desktop 
Protocol (RDP). ...)
        - freerdp2 2.7.0+dfsg1-1
+       [bullseye] - freerdp2 <no-dsa> (Minor issue)
+       [buster] - freerdp2 <no-dsa> (Minor issue)
        - freerdp <removed>
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qxm3-v2r6-vmwf
        NOTE: Fixed by: 
https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc
        NOTE: Fixed by (backport): 
https://github.com/FreeRDP/FreeRDP/commit/6f473b273a4b6f0cb6aca32b95e22fd0de88e144
 CVE-2022-24882 (FreeRDP is a free implementation of the Remote Desktop 
Protocol (RDP). ...)
        - freerdp2 2.7.0+dfsg1-1
+       [bullseye] - freerdp2 <no-dsa> (Minor issue)
+       [buster] - freerdp2 <no-dsa> (Minor issue)
        - freerdp <removed>
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6x5p-gp49-3jhh
        NOTE: https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/95
@@ -95178,6 +95181,8 @@ CVE-2021-21898 (A code execution vulnerability exists 
in the dwgCompressor::deco
        NOTE: 
https://github.com/LibreCAD/libdxfrw/commit/ba3fa95648bef948e008dfbdd31a4d21badd71f0
 CVE-2021-21897 (A code execution vulnerability exists in the 
DL_Dxf::handleLWPolylineD ...)
        - cloudcompare <unfixed> (bug #1010347)
+       [bullseye] - cloudcompare <no-dsa> (Minor issue)
+       [buster] - cloudcompare <no-dsa> (Minor issue)
        - dxflib 3.26.4-1
        [bullseye] - dxflib <no-dsa> (Minor issue)
        [buster] - dxflib <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d6d0eff00ebc259a6317ecc29020dc2a760ac5d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d6d0eff00ebc259a6317ecc29020dc2a760ac5d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to