Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
04fb7653 by Salvatore Bonaccorso at 2022-10-26T16:57:35+02:00
Add CVE-2022-32221/curl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30021,8 +30021,12 @@ CVE-2022-32222 (A cryptographic vulnerability exists
on Node.js on linux in vers
- nodejs <not-affected> (Specific to Node 18 and nodejs-distributed
binaries)
NOTE:
https://nodejs.org/en/blog/vulnerability/july-2022-security-releases/#attempt-to-read-openssl-cnf-from-home-iojs-build-upon-startup-medium-cve-2022-32222
NOTE:
https://github.com/nodejs/node/commit/a5fc2deb43f85dc2195a1fe1683b9c2e7443b001
-CVE-2022-32221
+CVE-2022-32221 [POST following PUT confusion]
RESERVED
+ - curl <unfixed>
+ NOTE: https://curl.se/docs/CVE-2022-32221.html
+ NOTE: https://github.com/curl/curl/issues/9507
+ NOTE: Fixed by:
https://github.com/curl/curl/commit/a64e3e59938abd7d667e4470a18072a24d7e9de9
(curl-7_86_0)
CVE-2022-32220 (An information disclosure vulnerability exists in Rocket.Chat
<v5 d ...)
NOT-FOR-US: Rockert.Chat
CVE-2022-32219 (An information disclosure vulnerability exists in Rocket.Chat
<v4.7 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04fb76530947ba81583f56b4efbb11d2da319294
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04fb76530947ba81583f56b4efbb11d2da319294
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
