[Git][security-tracker-team/security-tracker][master] Track fixed version for apache2 issues fixed via unstable

Salvatore Bonaccorso (@carnil) Wed, 08 Jun 2022 22:53:13 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a5a31298 by Salvatore Bonaccorso at 2022-06-09T07:52:31+02:00
Track fixed version for apache2 issues fixed via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1873,7 +1873,7 @@ CVE-2022-1947 (Use of Incorrect Operator in GitHub 
repository polonel/trudesk pr
 CVE-2022-1946
        RESERVED
 CVE-2022-31813 (Apache HTTP Server 2.4.53 and earlier may not send the 
X-Forwarded-* h ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/8
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-31813
 CVE-2022-31812
@@ -5495,7 +5495,7 @@ CVE-2022-30594 (The Linux kernel before 5.17.2 mishandles 
seccomp permissions. T
        NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2276
        NOTE: 
https://git.kernel.org/linus/ee1fee900537b5d9560e9f937402de5ddc8412f3 (5.18-rc1)
 CVE-2022-30556 (Apache HTTP Server 2.4.53 and earlier may return lengths to 
applicatio ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/7
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30556
 CVE-2022-30555
@@ -5671,7 +5671,7 @@ CVE-2022-30524 (There is an invalid memory access in the 
TextLine class in TextO
 CVE-2022-30523 (Trend Micro Password Manager (Consumer) version 5.0.0.1266 and 
below i ...)
        NOT-FOR-US: Trend Micro
 CVE-2022-30522 (If Apache HTTP Server 2.4.53 is configured to do 
transformations with  ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/6
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-30522
 CVE-2022-1642
@@ -8973,7 +8973,7 @@ CVE-2022-1382 (NULL Pointer Dereference in GitHub 
repository radareorg/radare2 p
        NOTE: https://huntr.dev/bounties/d8b6d239-6d7b-4783-b26b-5be848c01aa1
        NOTE: 
https://github.com/radareorg/radare2/commit/48f0ea79f99174fb0a62cb2354e13496ce5b7c44
 CVE-2022-29404 (In Apache HTTP Server 2.4.53 and earlier, a malicious request 
to a lua ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/5
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-29404
 CVE-2022-1381 (global heap buffer overflow in skip_range in GitHub repository 
vim/vim ...)
@@ -11171,11 +11171,11 @@ CVE-2022-28617 (A remote bypass security restrictions 
vulnerability was discover
 CVE-2022-28616 (A remote server-side request forgery (ssrf) vulnerability was 
discover ...)
        NOT-FOR-US: HPE OneView
 CVE-2022-28615 (Apache HTTP Server 2.4.53 and earlier may crash or disclose 
informatio ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/9
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28615
 CVE-2022-28614 (The ap_rwrite() function in Apache HTTP Server 2.4.53 and 
earlier may  ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/4
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-28614
 CVE-2022-28613 (A vulnerability in the HCI Modbus TCP COMPONENT of Hitachi 
Energy RTU5 ...)
@@ -17653,7 +17653,7 @@ CVE-2022-26379
 CVE-2022-26378
        RESERVED
 CVE-2022-26377 (Inconsistent Interpretation of HTTP Requests ('HTTP Request 
Smuggling' ...)
-       - apache2 <unfixed> (bug #1012513)
+       - apache2 2.4.54-1 (bug #1012513)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/08/2
        NOTE: 
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2022-26377
 CVE-2022-26073 (A denial of service vulnerability exists in the libxm_av.so 
DemuxCmdIn ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5a31298dbd51d2ae10992d02d78730d33b3bc02

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5a31298dbd51d2ae10992d02d78730d33b3bc02
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Track fixed version for apache2 issues fixed via unstable

Reply via email to