[Git][security-tracker-team/security-tracker][master] Track fixed version for several wolfssl issues via unstable

Thu, 10 Nov 2022 11:30:55 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fd02f90b by Salvatore Bonaccorso at 2022-11-10T20:29:26+01:00
Track fixed version for several wolfssl issues via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8368,7 +8368,7 @@ CVE-2022-42963
 CVE-2022-42962
        RESERVED
 CVE-2022-42961 (An issue was discovered in wolfSSL before 5.5.0. A fault 
injection att ...)
-       - wolfssl <unfixed> (bug #1023574)
+       - wolfssl 5.5.3-1 (bug #1023574)
        NOTE: https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable
 CVE-2022-42960
        RESERVED
@@ -17672,7 +17672,7 @@ CVE-2022-39175
 CVE-2022-39174
        RESERVED
 CVE-2022-39173 (In wolfSSL before 5.5.1, malicious clients can cause a buffer 
overflow ...)
-       - wolfssl <unfixed> (bug #1021021)
+       - wolfssl 5.5.3-1 (bug #1021021)
 CVE-2022-39172
        RESERVED
 CVE-2022-39171
@@ -20911,11 +20911,11 @@ CVE-2022-38155 (TEE_Malloc in Samsung mTower through 
0.3.0 allows a trusted appl
 CVE-2022-38154
        RESERVED
 CVE-2022-38153 (An issue was discovered in wolfSSL before 5.5.0 (when 
--enable-session ...)
-       - wolfssl <unfixed> (bug #1021021)
+       - wolfssl 5.5.3-1 (bug #1021021)
        [bullseye] - wolfssl <not-affected> (Vulnerable code not present and 
session tickets not enabled)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/5476
 CVE-2022-38152 (An issue was discovered in wolfSSL before 5.5.0. When a TLS 
1.3 client ...)
-       - wolfssl <unfixed> (bug #1021021)
+       - wolfssl 5.5.3-1 (bug #1021021)
        [bullseye] - wolfssl <no-dsa> (Minor issue)
        NOTE: https://github.com/wolfSSL/wolfssl/pull/5468
 CVE-2022-38151
@@ -31204,7 +31204,7 @@ CVE-2022-34295 (totd before 1.5.3 does not properly 
randomize mesg IDs. ...)
 CVE-2022-34294 (totd 1.5.3 uses a fixed UDP source port in upstream queries 
sent to DN ...)
        NOT-FOR-US: totd
 CVE-2022-34293 (wolfSSL before 5.4.0 allows remote attackers to cause a denial 
of serv ...)
-       - wolfssl <unfixed> (bug #1016981)
+       - wolfssl 5.5.3-1 (bug #1016981)
        [bullseye] - wolfssl <no-dsa> (Minor issue)
        NOTE: http://www.openwall.com/lists/oss-security/2022/08/08/6
 CVE-2022-34292



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd02f90bb56e8821a02a2efd23a2a5db78b8dac7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd02f90bb56e8821a02a2efd23a2a5db78b8dac7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to