Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
767e7cef by Salvatore Bonaccorso at 2022-08-09T11:02:58+02:00
Mark CVE-2022-2391{4,5} as unimportant
- - - - -
cfd780de by Salvatore Bonaccorso at 2022-08-09T11:03:33+02:00
Update CVE-2022-2391{4,5}/salmon: Vulnerable code newer in a released Debian
version but fixed before inclusion
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -139017,18 +139017,16 @@ CVE-2020-23917
CVE-2020-23916
RESERVED
CVE-2020-23915 (An issue was discovered in cpp-peglib through v0.1.12.
peg::resolve_es ...)
- - retroarch <not-affected> (peglib.h is not compiled in Debian builds)
- - salmon 1.4.0+ds1-1
- [buster] - salmon <not-affected> (Vulnerable code not present)
- [stretch] - salmon <not-affected> (Vulnerable code not present)
+ - retroarch <unfixed> (unimportant)
+ NOTE: peglib.h is not compiled in Debian builds
+ - salmon <not-affected> (Vulnerable code never in a released Debian
version)
NOTE: Crash in CLI tool, no security impact
NOTE:
https://github.com/yhirose/cpp-peglib/commit/b3b29ce8f3acf3a32733d930105a17d7b0ba347e
NOTE: https://github.com/yhirose/cpp-peglib/issues/122
CVE-2020-23914 (An issue was discovered in cpp-peglib through v0.1.12. A NULL
pointer ...)
- - retroarch <not-affected> (peglib.h is not compiled in Debian builds)
- - salmon 1.4.0+ds1-1
- [buster] - salmon <not-affected> (Vulnerable code not present)
- [stretch] - salmon <not-affected> (Vulnerable code not present)
+ - retroarch <unfixed> (unimportant)
+ NOTE: peglib.h is not compiled in Debian builds
+ - salmon <not-affected> (Vulnerable code never in a released Debian
version)
NOTE: Crash in CLI tool, no security impact
NOTE:
https://github.com/yhirose/cpp-peglib/commit/0061f393de54cf0326621c079dc2988336d1ebb3
NOTE: https://github.com/yhirose/cpp-peglib/issues/121
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/69608770d7ef55a4bcc23426735e2fb6d3cd271d...cfd780de5de189a6de81ac6f34c615c3217b19e1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/69608770d7ef55a4bcc23426735e2fb6d3cd271d...cfd780de5de189a6de81ac6f34c615c3217b19e1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
