Helmut Grohne pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f81458e3 by Helmut Grohne at 2022-10-03T08:11:06+02:00
triage/fix lighttpd CVEs in buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1088,6 +1088,7 @@ CVE-2022-41556 [handle RDHUP when collecting chunked body]
RESERVED
{DSA-5243-1}
- lighttpd 1.4.67-1
+ [buster] - lighttpd <not-affected> (vulnerable code inserted in
lighttpd-1.4.55-211-gbcddbe18)
NOTE: https://github.com/lighttpd/lighttpd1.4/pull/115
NOTE:
https://github.com/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50
(lighttpd-1.4.67)
CVE-2022-40690
@@ -10692,7 +10693,7 @@ CVE-2022-37798 (Tenda AC1206 V15.03.06.23 was
discovered to contain a stack over
CVE-2022-37797 (In lighttpd 1.4.65, mod_wstunnel does not initialize a handler
functio ...)
{DSA-5243-1}
- lighttpd 1.4.66-1
- [buster] - lighttpd <no-dsa> (Minor issue)
+ [buster] - lighttpd 1.4.53-1+deb10u3
NOTE: https://redmine.lighttpd.net/issues/3165
NOTE:
https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/971773f1fae600074b46ef64f3ca1f76c227985f
(lighttpd-1.4.66)
CVE-2022-37796 (In Simple Online Book Store System 1.0 in /admin_book.php the
Title, A ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f81458e34fc0ca1d6adb86b268f55a58c270c95e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f81458e34fc0ca1d6adb86b268f55a58c270c95e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
