Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f6a96ba3 by Thorsten Alteholz at 2022-11-19T19:12:21+01:00
mark CVE-2022-43705 as no-dsa for Buster
- - - - -
d60aec1c by Thorsten Alteholz at 2022-11-19T19:16:10+01:00
mark CVE-2021-3981 as no-dsa for Buster
- - - - -
202f6141 by Thorsten Alteholz at 2022-11-19T19:21:25+01:00
mark CVE-2022-3979 as no-dsa for Buster
- - - - -
805cb7e5 by Thorsten Alteholz at 2022-11-19T19:28:05+01:00
mark CVE-2022-21690 as not-affected for Buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1062,6 +1062,7 @@ CVE-2022-45198 (Pillow before 9.2.0 performs Improper
Handling of Highly Compres
CVE-2022-3979 (A vulnerability was found in NagVis up to 1.9.33 and classified
as pro ...)
- nagvis 1:1.9.34-1
[bullseye] - nagvis <no-dsa> (Minor issue)
+ [buster] - nagvis <no-dsa> (Minor issue)
NOTE:
https://github.com/NagVis/nagvis/commit/7574fd8a2903282c2e0d1feef5c4876763db21d5
(nagvis-1.9.34)
CVE-2022-3978 (A vulnerability, which was classified as problematic, was found
in Nod ...)
NOT-FOR-US: NodeBB
@@ -7661,6 +7662,7 @@ CVE-2022-43705 [malicious OCSP responder could forge OCSP
responses]
RESERVED
- botan 2.19.3+dfsg-1
[bullseye] - botan <no-dsa> (Minor issue)
+ [buster] - botan <no-dsa> (Minor issue)
NOTE:
https://github.com/randombit/botan/security/advisories/GHSA-4v9w-qvcq-6q7w
NOTE:
https://github.com/randombit/botan/commit/fd83d9e262f63fb673e4c13ca37e5b768e41e812
(2.19.3)
NOTE:
https://github.com/randombit/botan/commit/4e35073ff356e37c3adcf1ff3522e9d0d48c765f
(2.19.3)
@@ -76429,6 +76431,7 @@ CVE-2021-3982 (Linux distributions using CAP_SYS_NICE
for gnome-shell may be exp
CVE-2021-3981 (A flaw in grub2 was found where its configuration file, known
as grub. ...)
- grub2 <unfixed> (bug #1001414)
[bullseye] - grub2 <no-dsa> (Minor issue)
+ [buster] - grub2 <no-dsa> (Minor issue)
[stretch] - grub2 <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2024170
NOTE: Introduced by:
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=ab2e53c8a196a595e50f1c836bf756b9db1ae68d
(grub-2.06-rc1)
@@ -76832,6 +76835,7 @@ CVE-2022-21691 (OnionShare is an open source tool that
lets you securely and ano
CVE-2022-21690 (OnionShare is an open source tool that lets you securely and
anonymous ...)
- onionshare 2.5-1 (bug #1014966)
[bullseye] - onionshare <no-dsa> (Minor issue)
+ [buster] - onionshare <not-affected> (Vulnerable code introduced later
in v2.0)
NOTE:
https://github.com/onionshare/onionshare/security/advisories/GHSA-ch22-x2v3-v6vq
NOTE:
https://github.com/onionshare/onionshare/commit/8f1e7ac224e54f57e43321bba2c2f9fdb5143bb0
(v2.5)
CVE-2022-21689 (OnionShare is an open source tool that lets you securely and
anonymous ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed3a977ee6d2bf3d6f73656381429f552147bc26...805cb7e53056838605840bfe74c7a1ea03cb79e5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ed3a977ee6d2bf3d6f73656381429f552147bc26...805cb7e53056838605840bfe74c7a1ea03cb79e5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
