Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
43c9e55c by Salvatore Bonaccorso at 2022-11-25T10:30:05+01:00
Update information for CVE-2022-2990/golang-github-containers-buildah
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21443,10 +21443,10 @@ CVE-2022-2991 (A heap-based buffer overflow was found
in the Linux kernel's Ligh
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-960/
NOTE: CONFIG_NVM not enabled in Debian
CVE-2022-2990 (An incorrect handling of the supplementary groups in the
Buildah conta ...)
- - golang-github-containers-buildah <unfixed>
+ - golang-github-containers-buildah 1.28.0+ds1-2
NOTE:
https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
NOTE: https://github.com/containers/buildah/pull/4200
- NOTE:
https://github.com/containers/buildah/commit/9934b17365083ce966b44c5ce3c7e052f516e255
+ NOTE:
https://github.com/containers/buildah/commit/9934b17365083ce966b44c5ce3c7e052f516e255
(v1.28.0)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121453
CVE-2022-2989 (An incorrect handling of the supplementary groups in the Podman
contai ...)
[experimental] - libpod 4.3.1+ds1-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43c9e55c1ba2bda9b30ef63bf88dc4cd6439e45f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43c9e55c1ba2bda9b30ef63bf88dc4cd6439e45f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
