[Git][security-tracker-team/security-tracker][master] 5 commits: add fixed versions for CVE-2022-26305/CVE-2022-26306/CVE-2022-26307

[Emilio Pozuelo Monfort (@pochu)]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
143c266d by Rene Engelhard at 2022-07-26T12:54:47+02:00
add fixed versions for CVE-2022-26305/CVE-2022-26306/CVE-2022-26307

- - - - -
065d5d7e by Rene Engelhard at 2022-07-26T12:55:15+02:00
fix NOTEs of CVE-2022-26305 and CVE-2022-26306

- - - - -
5cff40d3 by Rene Engelhard at 2022-07-26T13:08:54+02:00
mark CVE-2022-26305/CVE-2022-26306/CVE-2022-26307 as no-DSA

... after taking with Moritz on IRC

- - - - -
3bdd8a76 by Rene Engelhard at 2022-07-26T13:52:15+02:00
use libreoffice 1:7.3.3~rc1-2; -1 was just uploaded to experimental

- - - - -
9ad760be by Emilio Pozuelo Monfort at 2022-07-26T11:55:22+00:00
Merge branch 'master' into 'master'

update libreoffice information

See merge request security-tracker-team/security-tracker!113
- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28756,14 +28756,20 @@ CVE-2022-26309
 CVE-2022-26308
        RESERVED
 CVE-2022-26307 (LibreOffice supports the storage of passwords for web 
connections in t ...)
-       - libreoffice <unfixed>
+       - libreoffice 1:7.3.3~rc1-2
+        [bullseye] - libreoffice <no-dsa> (Minor issue)
+        [buster] - libreoffice <no-dsa> (Minor issue)
        NOTE: 
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307
 CVE-2022-26306 (LibreOffice supports the storage of passwords for web 
connections in t ...)
-       - libreoffice <unfixed>
-       NOTE: 
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307
+       - libreoffice 1:7.3.3~rc1-2
+        [bullseye] - libreoffice <no-dsa> (Minor issue)
+        [buster] - libreoffice <no-dsa> (Minor issue)
+       NOTE: 
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26306
 CVE-2022-26305 (An Improper Certificate Validation vulnerability in 
LibreOffice existe ...)
-       - libreoffice <unfixed>
-       NOTE: 
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26307
+       - libreoffice 1:7.3.2~rc2-1
+        [bullseye] - libreoffice <no-dsa> (Minor issue)
+        [buster] - libreoffice <no-dsa> (Minor issue)
+       NOTE: 
https://www.libreoffice.org/about-us/security/advisories/cve-2022-26305
 CVE-2022-26301 (TuziCMS v2.0.6 was discovered to contain a SQL injection 
vulnerability ...)
        NOT-FOR-US: TuziCMS
 CVE-2022-26300 (EOS v2.1.0 was discovered to contain a heap-buffer-overflow 
via the fu ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3cd7231dbfc4ff0be47fcf059d7b83164e472de2...9ad760bea321a6b18bceb5d578b6725f8872a702

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3cd7231dbfc4ff0be47fcf059d7b83164e472de2...9ad760bea321a6b18bceb5d578b6725f8872a702
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits