Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: f6a96ba3 by Thorsten Alteholz at 2022-11-19T19:12:21+01:00 mark CVE-2022-43705 as no-dsa for Buster - - - - - d60aec1c by Thorsten Alteholz at 2022-11-19T19:16:10+01:00 mark CVE-2021-3981 as no-dsa for Buster - - - - - 202f6141 by Thorsten Alteholz at 2022-11-19T19:21:25+01:00 mark CVE-2022-3979 as no-dsa for Buster - - - - - 805cb7e5 by Thorsten Alteholz at 2022-11-19T19:28:05+01:00 mark CVE-2022-21690 as not-affected for Buster - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1062,6 +1062,7 @@ CVE-2022-45198 (Pillow before 9.2.0 performs Improper Handling of Highly Compres CVE-2022-3979 (A vulnerability was found in NagVis up to 1.9.33 and classified as pro ...) - nagvis 1:1.9.34-1 [bullseye] - nagvis <no-dsa> (Minor issue) + [buster] - nagvis <no-dsa> (Minor issue) NOTE: https://github.com/NagVis/nagvis/commit/7574fd8a2903282c2e0d1feef5c4876763db21d5 (nagvis-1.9.34) CVE-2022-3978 (A vulnerability, which was classified as problematic, was found in Nod ...) NOT-FOR-US: NodeBB @@ -7661,6 +7662,7 @@ CVE-2022-43705 [malicious OCSP responder could forge OCSP responses] RESERVED - botan 2.19.3+dfsg-1 [bullseye] - botan <no-dsa> (Minor issue) + [buster] - botan <no-dsa> (Minor issue) NOTE: https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w NOTE: https://github.com/randombit/botan/commit/fd83d9e262f63fb673e4c13ca37e5b768e41e812 (2.19.3) NOTE: https://github.com/randombit/botan/commit/4e35073ff356e37c3adcf1ff3522e9d0d48c765f (2.19.3) @@ -76429,6 +76431,7 @@ CVE-2021-3982 (Linux distributions using CAP_SYS_NICE for gnome-shell may be exp CVE-2021-3981 (A flaw in grub2 was found where its configuration file, known as grub. ...) - grub2 <unfixed> (bug #1001414) [bullseye] - grub2 <no-dsa> (Minor issue) + [buster] - grub2 <no-dsa> (Minor issue) [stretch] - grub2 <not-affected> (Vulnerable code introduced later) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2024170 NOTE: Introduced by: https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=ab2e53c8a196a595e50f1c836bf756b9db1ae68d (grub-2.06-rc1) @@ -76832,6 +76835,7 @@ CVE-2022-21691 (OnionShare is an open source tool that lets you securely and ano CVE-2022-21690 (OnionShare is an open source tool that lets you securely and anonymous ...) - onionshare 2.5-1 (bug #1014966) [bullseye] - onionshare <no-dsa> (Minor issue) + [buster] - onionshare <not-affected> (Vulnerable code introduced later in v2.0) NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-ch22-x2v3-v6vq NOTE: https://github.com/onionshare/onionshare/commit/8f1e7ac224e54f57e43321bba2c2f9fdb5143bb0 (v2.5) CVE-2022-21689 (OnionShare is an open source tool that lets you securely and anonymous ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed3a977ee6d2bf3d6f73656381429f552147bc26...805cb7e53056838605840bfe74c7a1ea03cb79e5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed3a977ee6d2bf3d6f73656381429f552147bc26...805cb7e53056838605840bfe74c7a1ea03cb79e5 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits