Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ce15aa28 by Moritz Muehlenhoff at 2022-07-06T23:11:11+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2554,7 +2554,7 @@ CVE-2022-34300 (In tinyexr 1.0.1, there is a heap-based 
buffer over-read in tiny
        [bullseye] - tinyexr <no-dsa> (Minor issue)
        NOTE: https://github.com/syoyo/tinyexr/issues/167
 CVE-2022-34299 (There is a heap-based buffer over-read in libdwarf 0.4.0. This 
issue i ...)
-       - dwarfutils <unfixed>
+       - dwarfutils <unfixed> (bug #1014493)
        [bullseye] - dwarfutils <no-dsa> (Minor issue)
        [buster] - dwarfutils <no-dsa> (Minor issue)
        [stretch] - dwarfutils <no-dsa> (Minor issue)
@@ -5774,21 +5774,21 @@ CVE-2017-20053 (A vulnerability was found in XYZScripts 
Contact Form Manager Plu
 CVE-2017-20052 (A vulnerability classified as problematic was found in Python 
2.7.13.  ...)
        NOT-FOR-US: pgadmin on Windows
 CVE-2022-2058 (Divide By Zero error in tiffcrop in libtiff 4.4.0 allows 
attackers to  ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1014494)
        [bullseye] - tiff <no-dsa> (Minor issue)
        [buster] - tiff <no-dsa> (Minor issue)
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/428
        NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/346
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/dd1bcc7abb26094e93636e85520f0d8f81ab0fab
 CVE-2022-2057 (Divide By Zero error in tiffcrop in libtiff 4.4.0 allows 
attackers to  ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1014494)
        [bullseye] - tiff <no-dsa> (Minor issue)
        [buster] - tiff <no-dsa> (Minor issue)
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/427
        NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/346
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/dd1bcc7abb26094e93636e85520f0d8f81ab0fab
 CVE-2022-2056 (Divide By Zero error in tiffcrop in libtiff 4.4.0 allows 
attackers to  ...)
-       - tiff <unfixed>
+       - tiff <unfixed> (bug #1014494)
        [bullseye] - tiff <no-dsa> (Minor issue)
        [buster] - tiff <no-dsa> (Minor issue)
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/415
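Review bot: on the three `- tiff <unfixed>` lines, bug #1014494 is now shared by CVE-2022-2058, CVE-2022-2057 and CVE-2022-2056, but only the first two entries visibly cite merge request 346 and commit dd1bcc7abb26094e93636e85520f0d8f81ab0fab; the lines shown for CVE-2022-2056 stop at issue 415. If the same commit fixes it, say so in a NOTE on that entry, so that one upload can close the shared bug for all three ids; if not, a separate bug would track it more accurately.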
@@ -10866,14 +10866,14 @@ CVE-2022-31093 (NextAuth.js is a complete open source 
authentication solution fo
 CVE-2022-31092 (Pimcore is an Open Source Data &amp; Experience Management 
Platform. P ...)
        NOT-FOR-US: Pimcore
 CVE-2022-31091 (Guzzle, an extensible PHP HTTP client. `Authorization` and 
`Cookie` he ...)
-       - guzzle <unfixed>
+       - guzzle <unfixed> (bug #1014492)
        - mediawiki 1:1.35.7-1
        [bullseye] - mediawiki <postponed> (Minor issue, fix along with next 
security release)
        [buster] - mediawiki <postponed> (Minor issue, fix along with next 
security release)
        NOTE: 
https://github.com/guzzle/guzzle/security/advisories/GHSA-q559-8m2m-g699
        NOTE: 
https://github.com/guzzle/guzzle/commit/1dd98b0564cb3f6bd16ce683cb755f94c10fbd82
 (7.4.5)
 CVE-2022-31090 (Guzzle, an extensible PHP HTTP client. `Authorization` headers 
on requ ...)
-       - guzzle <unfixed>
+       - guzzle <unfixed> (bug #1014492)
        - mediawiki 1:1.35.7-1
        [bullseye] - mediawiki <postponed> (Minor issue, fix along with next 
security release)
        [buster] - mediawiki <postponed> (Minor issue, fix along with next 
security release)
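Review bot: on the two `- guzzle <unfixed>` lines, bug #1014492 is shared by CVE-2022-31091 and CVE-2022-31090, and the CVE-2022-31091 entry already records the upstream fix as commit 1dd98b0564cb3f6bd16ce683cb755f94c10fbd82 (7.4.5). Suggest checking that the bug report names both CVE ids and the 7.4.5 target, so the upload that closes it moves both entries from <unfixed> to a fixed version together.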
@@ -42595,11 +42595,11 @@ CVE-2021-44977 (In iCMS &lt;=8.0.0, a directory 
traversal vulnerability allows a
 CVE-2021-44976
        RESERVED
 CVE-2021-44975 (radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via 
/libr/cor ...)
-       - radare2 <unfixed>
+       - radare2 <unfixed> (bug #1014490)
        NOTE: 
https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/
        NOTE: Fixed in 5.6.0
 CVE-2021-44974 (radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer 
Derefere ...)
-       - radare2 <unfixed>
+       - radare2 <unfixed> (bug #1014490)
        NOTE: 
https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/
        NOTE: Fixed in 5.5.4
 CVE-2021-44973
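Review bot: both `- radare2 <unfixed>` lines point at bug #1014490 while their NOTE lines give different upstream fix versions (5.6.0 for CVE-2021-44975, 5.5.4 for CVE-2021-44974). Worth confirming that the version in unstable is older than 5.5.4; if it is already at or past 5.5.4, the CVE-2021-44974 line should carry that fixed version rather than <unfixed> with a bug reference.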
@@ -45060,7 +45060,7 @@ CVE-2021-44222
 CVE-2021-44221
        RESERVED
 CVE-2021-4021 (A vulnerability was found in Radare2 in versions prior to 
5.6.2, 5.6.0 ...)
-       - radare2 <unfixed>
+       - radare2 <unfixed> (bug #1014490)
        NOTE: https://github.com/radareorg/radare2/issues/19436
        NOTE: 
https://github.com/radareorg/radare2/commit/3fed0e322d9374891a3412811e5270dc535cea02
 CVE-2021-4020 (janus-gateway is vulnerable to Improper Neutralization of Input 
During ...)
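Review bot: the `- radare2 <unfixed> (bug #1014490)` line for CVE-2021-4021 reuses the bug from the CVE-2021-44975 and CVE-2021-44974 entries, yet its description speaks of versions prior to 5.6.2 and the entry has no "Fixed in" NOTE, only the issue and commit links. Suggest adding a NOTE with the upstream release that contains commit 3fed0e322d9374891a3412811e5270dc535cea02, so it is clear which upload may close the shared bug for all three ids.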



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce15aa2874c0cf538a76eb53c80cbb5e6775c8d3


_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits