Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 53011fdd by Salvatore Bonaccorso at 2022-10-24T20:37:43+02:00 Update onionshare CVEs according to upstream provided information Link: https://github.com/onionshare/onionshare/issues/1633 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -68487,32 +68487,44 @@ CVE-2022-21698 (client_golang is the instrumentation library for Go applications CVE-2022-21697 (Jupyter Server Proxy is a Jupyter notebook server extension to proxy w ...) NOT-FOR-US: Jupyter Server Proxy CVE-2022-21696 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [bullseye] - onionshare <not-affected> (Vulnerable code not present) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-68vr-8f46-vc9f CVE-2022-21695 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [bullseye] - onionshare <not-affected> (Vulnerable code not present) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-99p8-9p2c-49j4 CVE-2022-21694 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-h29c-wcm8-883h NOTE: https://github.com/onionshare/onionshare/issues/1389 CVE-2022-21693 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [bullseye] - onionshare <not-affected> (Vulnerable code not present) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-jgm9-xpfj-4fq6 CVE-2022-21692 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [bullseye] - onionshare <not-affected> (Vulnerable code not present) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-gjj5-998g-v36v CVE-2022-21691 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [bullseye] - onionshare <not-affected> (Vulnerable code not present) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-w9m4-7w72-r766 CVE-2022-21690 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-ch22-x2v3-v6vq CVE-2022-21689 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) + [buster] - onionshare <not-affected> (Vulnerable code not present) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-jh82-c5jw-pxpc CVE-2022-21688 (OnionShare is an open source tool that lets you securely and anonymous ...) - - onionshare <unfixed> (bug #1014966) + - onionshare 2.5-1 (bug #1014966) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-x7wr-283h-5h2v CVE-2022-21687 (gh-ost is a triggerless online schema migration solution for MySQL. Ve ...) NOT-FOR-US: GitHub Online Schema @@ -77356,8 +77368,11 @@ CVE-2021-41869 (SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vuln NOT-FOR-US: SuiteCRM CVE-2021-41868 (OnionShare 2.3 before 2.4 allows remote unauthenticated attackers to u ...) - onionshare 2.5-1 (bug #1014966) + [buster] - onionshare <not-affected> (Vulnerable code not present) CVE-2021-41867 (An information disclosure vulnerability in OnionShare 2.3 before 2.4 a ...) - onionshare 2.5-1 (bug #1014966) + [bullseye] - onionshare <not-affected> (Vulnerable code not present) + [buster] - onionshare <not-affected> (Vulnerable code not present) CVE-2021-41866 (MyBB before 1.8.28 allows stored XSS because the displayed Template Na ...) NOT-FOR-US: MyBB CVE-2021-3853 (chaskiq is vulnerable to Improper Neutralization of Input During Web P ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53011fdd3708f039d7cb16e72006576408d53f55 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53011fdd3708f039d7cb16e72006576408d53f55 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
