[Git][security-tracker-team/security-tracker][master] 2 commits: new gitlab issues

Moritz Muehlenhoff (@jmm) Mon, 21 Nov 2022 04:50:42 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
78a7a183 by Moritz Muehlenhoff at 2022-11-21T13:40:20+01:00
new gitlab issues

- - - - -
f31d24af by Moritz Muehlenhoff at 2022-11-21T13:49:50+01:00
two additional CVEs from August Nvidia advisory, copy over existing entries for 
older suites

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20240,7 +20240,7 @@ CVE-2022-3031 (An issue has been discovered in GitLab 
CE/EE affecting all versio
        - gitlab <unfixed>
        NOTE: 
https://about.gitlab.com/releases/2022/08/30/critical-security-release-gitlab-15-3-2-released/
 CVE-2022-3030 (An improper access control issue in GitLab CE/EE affecting all 
version ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-3029 (In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due 
to a mi ...)
        - routinator <itp> (bug #929024)
 CVE-2022-3028 (A race condition was found in the Linux kernel's IP framework 
for tran ...)
@@ -21867,7 +21867,7 @@ CVE-2022-2828 (In affected versions of Octopus Server 
it is possible to reveal i
 CVE-2022-2827
        RESERVED
 CVE-2022-2826 (An issue has been discovered in GitLab affecting all versions 
starting ...)
-       TODO: check
+       - gitlab <unfixed>
 CVE-2022-38362 (Apache Airflow Docker's Provider prior to 3.0.0 shipped with 
an exampl ...)
        - airflow <itp> (bug #819700)
 CVE-2022-38361
@@ -31714,9 +31714,43 @@ CVE-2022-34667 (NVIDIA CUDA Toolkit SDK contains a 
stack-based buffer overflow v
        [buster] - nvidia-cuda-toolkit <no-dsa> (Minor issue)
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5373
 CVE-2022-34666 (NVIDIA GPU Display Driver for Windows and Linux contains a 
vulnerabili ...)
-       TODO: check
+       - nvidia-graphics-drivers 470.141.03-1
+       [bullseye] - nvidia-graphics-drivers 470.141.03-1~deb11u1
+       [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
+       - nvidia-graphics-drivers-legacy-340xx <unfixed>
+       [buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not 
supported)
+       - nvidia-graphics-drivers-legacy-390xx 390.154-1
+       [bullseye] - nvidia-graphics-drivers-legacy-390xx 390.154-1~deb11u1
+       [buster] - nvidia-graphics-drivers-legacy-390xx 390.154-1~deb10u1
+       - nvidia-graphics-drivers-tesla-418 <unfixed>
+       [bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not 
supported)
+       - nvidia-graphics-drivers-tesla-450 450.203.03-1
+       [bullseye] - nvidia-graphics-drivers-tesla-450 450.203.03-1~deb11u1
+       - nvidia-graphics-drivers-tesla-460 460.106.00-3
+       [bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not 
supported)
+       NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
+       - nvidia-graphics-drivers-tesla-470 470.141.03-1
+       [bullseye] - nvidia-graphics-drivers-tesla-470 470.141.03-1~deb11u1
+       - nvidia-graphics-drivers-tesla-510 510.85.02-1
 CVE-2022-34665 (NVIDIA GPU Display Driver for Windows and Linux contains a 
vulnerabili ...)
-       TODO: check
+       - nvidia-graphics-drivers 470.141.03-1
+       [bullseye] - nvidia-graphics-drivers 470.141.03-1~deb11u1
+       [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported)
+       - nvidia-graphics-drivers-legacy-340xx <unfixed>
+       [buster] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not 
supported)
+       - nvidia-graphics-drivers-legacy-390xx 390.154-1
+       [bullseye] - nvidia-graphics-drivers-legacy-390xx 390.154-1~deb11u1
+       [buster] - nvidia-graphics-drivers-legacy-390xx 390.154-1~deb10u1
+       - nvidia-graphics-drivers-tesla-418 <unfixed>
+       [bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not 
supported)
+       - nvidia-graphics-drivers-tesla-450 450.203.03-1
+       [bullseye] - nvidia-graphics-drivers-tesla-450 450.203.03-1~deb11u1
+       - nvidia-graphics-drivers-tesla-460 460.106.00-3
+       [bullseye] - nvidia-graphics-drivers-tesla-460 <no-dsa> (Non-free not 
supported)
+       NOTE: 460.106.00-3 turned the package into a metapackage to aid 
switching to nvidia-graphics-drivers-tesla-470
+       - nvidia-graphics-drivers-tesla-470 470.141.03-1
+       [bullseye] - nvidia-graphics-drivers-tesla-470 470.141.03-1~deb11u1
+       - nvidia-graphics-drivers-tesla-510 510.85.02-1
 CVE-2022-34664
        RESERVED
 CVE-2022-34663 (A vulnerability has been identified in RUGGEDCOM ROS M2100 
(All versio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4736cf4bc21ff490c1ef8fafd4f15638f5ff3d29...f31d24af95fd6c3933e507152be88b85d49902f8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4736cf4bc21ff490c1ef8fafd4f15638f5ff3d29...f31d24af95fd6c3933e507152be88b85d49902f8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: new gitlab issues

Reply via email to