[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2022-45198 as no-dsa for Buster

Sat, 19 Nov 2022 17:05:55 -0800 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f323fc97 by Thorsten Alteholz at 2022-11-20T01:42:36+01:00
mark CVE-2022-45198 as no-dsa for Buster

- - - - -
53093990 by Thorsten Alteholz at 2022-11-20T02:00:05+01:00
mark CVEs for non-free bluez-firmware as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1067,6 +1067,7 @@ CVE-2022-45199 (Pillow before 9.3.0 allows denial of 
service via SAMPLESPERPIXEL
 CVE-2022-45198 (Pillow before 9.2.0 performs Improper Handling of Highly 
Compressed GI ...)
        - pillow 9.2.0-1
        [bullseye] - pillow <no-dsa> (Minor issue)
+       [buster] - pillow <no-dsa> (Minor issue)
        NOTE: 
https://github.com/python-pillow/Pillow/commit/11918eac0628ec8ac0812670d9838361ead2d6a4
 (9.2.0)
        NOTE: https://github.com/python-pillow/Pillow/pull/6402
 CVE-2022-3979 (A vulnerability was found in NagVis up to 1.9.33 and classified 
as pro ...)
@@ -104962,18 +104963,22 @@ CVE-2021-34149 (The Bluetooth Classic 
implementation on the Texas Instruments CC
 CVE-2021-34148 (The Bluetooth Classic implementation in the Cypress WICED BT 
stack thr ...)
        - bluez-firmware <unfixed> (bug #1024356)
        [bullseye] - bluez-firmware <no-dsa> (Non-free not supported)
+       [buster] - bluez-firmware <no-dsa> (Non-free not supported)
        NOTE: 
https://github.com/RPi-Distro/bluez-firmware/commit/31ad68831357d2019624004f1f0846475671088f
 CVE-2021-34147 (The Bluetooth Classic implementation in the Cypress WICED BT 
stack thr ...)
        - bluez-firmware <unfixed> (bug #1024356)
        [bullseye] - bluez-firmware <no-dsa> (Non-free not supported)
+       [buster] - bluez-firmware <no-dsa> (Non-free not supported)
        NOTE: 
https://github.com/RPi-Distro/bluez-firmware/commit/31ad68831357d2019624004f1f0846475671088f
 CVE-2021-34146 (The Bluetooth Classic implementation in the Cypress 
CYW920735Q60EVB do ...)
        - bluez-firmware <unfixed> (bug #1024356)
        [bullseye] - bluez-firmware <no-dsa> (Non-free not supported)
+       [buster] - bluez-firmware <no-dsa> (Non-free not supported)
        NOTE: 
https://github.com/RPi-Distro/bluez-firmware/commit/31ad68831357d2019624004f1f0846475671088f
 CVE-2021-34145 (The Bluetooth Classic implementation in the Cypress WICED BT 
stack thr ...)
        - bluez-firmware <unfixed> (bug #1024356)
        [bullseye] - bluez-firmware <no-dsa> (Non-free not supported)
+       [buster] - bluez-firmware <no-dsa> (Non-free not supported)
        NOTE: 
https://github.com/RPi-Distro/bluez-firmware/commit/31ad68831357d2019624004f1f0846475671088f
 CVE-2021-34144 (The Bluetooth Classic implementation in the Zhuhai Jieli 
AC6366C BT SD ...)
        NOT-FOR-US: Zhuhai Jieli



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4db1e46eef36397a75820b07a25fadc6fef5d3bf...53093990d5f68db8a1447008d28351ddd0fda408

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4db1e46eef36397a75820b07a25fadc6fef5d3bf...53093990d5f68db8a1447008d28351ddd0fda408
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to