Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0568dfee by Moritz Muehlenhoff at 2022-09-14T16:46:17+02:00
otfcc non issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13107,191 +13107,196 @@ CVE-2022-35486 (OTFCC v0.10.4 was discovered to 
contain a segmentation violation
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35485 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35484 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35483 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35482 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35481 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35480
        RESERVED
 CVE-2022-35479 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35478 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35477 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35476 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35475 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
-       - texlive-bin <unfixed> (bug #1019602)
+       - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Affected code not built, see #1019602
 CVE-2022-35474 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35473 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35472 (OTFCC v0.10.4 was discovered to contain a global overflow via 
/release ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35471 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
-       - texlive-bin <unfixed> (bug #1019602)
+       - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Affected code not built, see #1019602
 CVE-2022-35470 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35469 (OTFCC v0.10.4 was discovered to contain a segmentation 
violation via / ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35468 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
-       - texlive-bin <unfixed> (bug #1019602)
+       - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Affected code not built, see #1019602
 CVE-2022-35467 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
-       - texlive-bin <unfixed> (bug #1019602)
+       - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Affected code not built, see #1019602
 CVE-2022-35466 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35465 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35464 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35463 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35462 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35461 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35460 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35459 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
-       - texlive-bin <unfixed> (bug #1019602)
+       - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Affected code not built, see #1019602
 CVE-2022-35458 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35457
        RESERVED
 CVE-2022-35456 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35455 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35454 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35453 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35452 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35451 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35450 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35449 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35448 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35447 (OTFCC v0.10.4 was discovered to contain a heap-buffer overflow 
via /re ...)
        - texlive-bin <unfixed> (unimportant; bug #1019602)
        [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
        [buster] - texlive-bin <not-affected> (Vulnerable code not present)
-       NOTE: Crash in CLI tool, no security impact)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see #1019602
 CVE-2022-35446
        RESERVED
 CVE-2022-35445
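Review bot: The NOTE wording for the overflow entries in this hunk is inconsistent. CVE-2022-35475, CVE-2022-35471, CVE-2022-35468, CVE-2022-35467 and CVE-2022-35459 (all heap-buffer overflows) get "Affected code not built, see #1019602", while other heap-buffer and global overflow entries in the same block, for example CVE-2022-35474 and CVE-2022-35472, keep "Crash in CLI tool, no security impact" in front of that text. If the unimportant rating for all of these depends on the code not being built, the shorter "Affected code not built" note would fit every overflow entry and avoid describing a heap overflow as a plain crash. The "see #1019602" suffix also repeats the bug number already given on the texlive-bin line of each entry and could be dropped.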
@@ -19474,7 +19479,10 @@ CVE-2022-33049 (Online Railway Reservation System v1.0 
was discovered to contain
 CVE-2022-33048 (Online Railway Reservation System v1.0 was discovered to 
contain a SQL ...)
        NOT-FOR-US: Online Railway Reservation System
 CVE-2022-33047 (OTFCC v0.10.4 was discovered to contain a heap buffer overflow 
after f ...)
-       TODO: check, OTFCC is embedded in src:texlive-bin, but check actual 
impact
+       - texlive-bin <unfixed> (unimportant; bug #1019602)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Affected code not built, see #1019602
 CVE-2022-33046
        RESERVED
 CVE-2022-33045
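Review bot: The new CVE-2022-33047 entry gives two different justifications without saying how they relate: the unstable line is marked unimportant with "Affected code not built", while the bullseye and buster lines say "Vulnerable code not present". The removed TODO recorded that OTFCC is embedded in src:texlive-bin, and that context is lost. Consider extending the NOTE to say that the OTFCC source is embedded in texlive-bin in unstable but not compiled, so a reader can see why the same bug is not-affected in the stable suites and only unimportant in unstable.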



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0568dfeef1d113df9e64699308e54e61499c577d
