Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12210128 by Salvatore Bonaccorso at 2022-09-22T22:47:34+02:00
Process several texlive-bin CVEs related to OTFCC

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16030,43 +16030,97 @@ CVE-2022-35041
 CVE-2022-35040
        RESERVED
 CVE-2022-35039 (OTFCC commit 617837b was discovered to contain a heap buffer 
overflow  ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35038 (OTFCC commit 617837b was discovered to contain a heap buffer 
overflow  ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35037 (OTFCC commit 617837b was discovered to contain a heap buffer 
overflow  ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35036 (OTFCC commit 617837b was discovered to contain a heap buffer 
overflow  ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35035 (OTFCC commit 617837b was discovered to contain a heap buffer 
overflow  ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35034 (OTFCC commit 617837b was discovered to contain a heap buffer 
overflow  ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35033
        RESERVED
 CVE-2022-35032 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35031 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35030 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35029 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35028 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35027 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35026 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35025 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35024 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35023 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35022 (OTFCC commit 617837b was discovered to contain a segmentation 
violatio ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35021 (OTFCC commit 617837b was discovered to contain a global buffer 
overflo ...)
-       TODO: check
+       - texlive-bin <unfixed> (unimportant)
+       [bullseye] - texlive-bin <not-affected> (Vulnerable code not present)
+       [buster] - texlive-bin <not-affected> (Vulnerable code not present)
+       NOTE: Crash in CLI tool, no security impact and affected code not 
built, see as well #1019602
 CVE-2022-35020 (Advancecomp v2.3 was discovered to contain a heap buffer 
overflow via  ...)
        - advancecomp <unfixed> (unimportant; bug #1019592)
        NOTE: 
https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35020.md
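
Review bot: The added NOTE lines cite #1019602 only in free text ("see as well #1019602"), while the neighbouring advancecomp entry records its bug on the package line as "(unimportant; bug #1019592)". If #1019602 is the bug tracking these OTFCC issues in texlive-bin, consider "- texlive-bin <unfixed> (unimportant; bug #1019602)" so the reference sits where the rest of the file puts it. The NOTE also gives two separate justifications, "no security impact" and "affected code not built", and the identical text is applied to all 18 entries regardless of whether the description says heap buffer overflow, segmentation violation or global buffer overflow; a short pointer to where each claim was established (for example the build configuration that leaves the code out) would make the triage easier to re-verify later.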



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12210128324d72e67d4ade82c87af775c5b5fd08
