Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b1764c59 by security tracker role at 2022-08-21T20:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -291,8 +291,8 @@ CVE-2022-2887
RESERVED
CVE-2022-2886 (A vulnerability, which was classified as critical, was found in
Larave ...)
TODO: check
-CVE-2022-2885
- RESERVED
+CVE-2022-2885 (Cross-site Scripting (XSS) - Stored in GitHub repository
yetiforcecomp ...)
+ TODO: check
CVE-2022-38396
RESERVED
CVE-2022-38395
@@ -8999,8 +8999,7 @@ CVE-2022-2307 (A lack of cascading deletes in GitLab
CE/EE affecting all version
- gitlab <unfixed>
CVE-2022-34917
RESERVED
-CVE-2022-34916
- RESERVED
+CVE-2022-34916 (Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a
remote ...)
NOT-FOR-US: Apache Flume
CVE-2022-2306 (Old session tokens can be used to authenticate to the
application and ...)
NOT-FOR-US: Nakama
@@ -40920,14 +40919,14 @@ CVE-2021-46559 (The firmware on Moxa TN-5900 devices
through 3.1 has a weak algo
CVE-2019-25056 (In Bromite through 78.0.3904.130, there are adblock rules in
the relea ...)
NOT-FOR-US: Bromite
CVE-2022-23947 (A stack-based buffer overflow vulnerability exists in the
Gerber Viewe ...)
- {DLA-3078-1 DLA-2998-1}
+ {DSA-5214-1 DLA-3078-1 DLA-2998-1}
- kicad 6.0.2+dfsg-1
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1460
NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10700
NOTE:
https://gitlab.com/kicad/code/kicad/-/commit/54b20cb0492ee20eb9efaff478eaa51fe17b4ca3
(master)
NOTE:
https://gitlab.com/kicad/code/kicad/-/commit/a7fbdfe9182fe075d1f36cf1f23432b28caf03b3
(6.0.2)
CVE-2022-23946 (A stack-based buffer overflow vulnerability exists in the
Gerber Viewe ...)
- {DLA-3078-1 DLA-2998-1}
+ {DSA-5214-1 DLA-3078-1 DLA-2998-1}
- kicad 6.0.2+dfsg-1
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1460
NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10700
@@ -41785,14 +41784,14 @@ CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in
Go before 1.16.14 and 1.17
CVE-2022-23805 (A security out-of-bounds read information disclosure
vulnerability in ...)
NOT-FOR-US: Trend Micro
CVE-2022-23804 (A stack-based buffer overflow vulnerability exists in the
Gerber Viewe ...)
- {DLA-3078-1 DLA-2998-1}
+ {DSA-5214-1 DLA-3078-1 DLA-2998-1}
- kicad 6.0.2+dfsg-1
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1453
NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10719
NOTE:
https://gitlab.com/kicad/code/kicad/-/commit/927afe313d1f104391814ee7d5d9cca0a520aa50
(6.0.2)
NOTE:
https://gitlab.com/kicad/code/kicad/-/commit/7ed569058c516974c47b4a506daa3daea4248e05
(master)
CVE-2022-23803 (A stack-based buffer overflow vulnerability exists in the
Gerber Viewe ...)
- {DLA-3078-1 DLA-2998-1}
+ {DSA-5214-1 DLA-3078-1 DLA-2998-1}
- kicad 6.0.2+dfsg-1
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1453
NOTE: https://gitlab.com/kicad/code/kicad/-/issues/10719
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1764c592e4743f534a727887b599ce434bbc4e3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b1764c592e4743f534a727887b599ce434bbc4e3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
