[Git][security-tracker-team/security-tracker][master] gsasl CVEfied and claim in dsa-needed

Tue, 19 Jul 2022 14:22:44 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c5d4ccad by Moritz Muehlenhoff at 2022-07-19T23:21:26+02:00
gsasl CVEfied and claim in dsa-needed

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,7 +27,10 @@ CVE-2022-2471
 CVE-2022-2470
        RESERVED
 CVE-2022-2469 (GNU SASL libgsasl server-side read-out-of-bounds with malicious 
authen ...)
-       TODO: check
+       - gsasl 2.0.1-1
+       NOTE: Advisory: 
https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00001.html
+       NOTE: Reproducing issue: 
https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00002.html
+       NOTE: Fixed by: 
https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30
 (v2.0.1)
 CVE-2022-2468 (A vulnerability was found in SourceCodester Garage Management 
System 1 ...)
        TODO: check
 CVE-2022-2467 (A vulnerability has been found in SourceCodester Garage 
Management Sys ...)
@@ -990,11 +993,6 @@ CVE-2022-2422
        RESERVED
 CVE-2022-2421
        RESERVED
-CVE-2022-XXXX [gsasl: Server out-of-bounds read with authenticated GSS-API 
client]
-       - gsasl 2.0.1-1
-       NOTE: Advisory: 
https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00001.html
-       NOTE: Reproducing issue: 
https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00002.html
-       NOTE: Fixed by: 
https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30
 (v2.0.1)
 CVE-2022-2420 (A vulnerability was found in URVE Web Manager. It has been 
rated as cr ...)
        NOT-FOR-US: URVE Web Manager
 CVE-2022-2419 (A vulnerability was found in URVE Web Manager. It has been 
declared as ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -20,6 +20,8 @@ epiphany-browser
 --
 freecad (aron)
 --
+gsasl (jmm)
+--
 jetty
 --
 kicad (jmm)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5d4ccad17ac07e4742c28da368cbe31602dfe22

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5d4ccad17ac07e4742c28da368cbe31602dfe22
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to